Subdomain Enumeration: Amass, Subfinder, and Asset Discovery
A practical subdomain enumeration playbook for pentesters — passive sources, active DNS brute force, and how to keep results organized across engagements.
Security Tools
Reviews, guides, and tutorials for the latest penetration testing tools and security software.
28 articles
Articles in Security Tools
Bug Bounty Recon Workflow: Subdomains to Exploitable Routes
A bug bounty recon workflow from asset discovery through parameter mining, JavaScript analysis, and keeping multiple programs organized.
BloodHound for Pentesters: Attack Path Discovery Guide
Use BloodHound CE and classic BloodHound for AD attack path analysis — collection, dangerous permissions, and documenting paths for reports.
Auto-Discover API Routes from Gobuster, ffuf, and dirb Scans
Stop copy-pasting enumeration hits into spreadsheets. Learn how HackFast parses gobuster, ffuf, dirb, and feroxbuster output and logs every path to your API tracker automatically.
Deploy Fusion Agents from AI Chat: Run Scans Without Leaving the Conversation
Ask HackFast AI to run nmap, gobuster, or an exploit — and confirm inline to dispatch a fusion agent on your connected machine. Full guide to agent deploy from chat.
Project Intel Cache: Instant Tab Mentions and AI Context
HackFast's per-project intel cache makes Tab searches instant and keeps AI grounded in your latest IPs, ports, people, and credentials.
HackFast Chats: Full-Screen AI Assistant for Penetration Testing
Meet HackFast Chats — a dedicated workspace for back-and-forth pentest questions with project context, Tab mentions, and agent deploy built in.
Report Builder Saved Intel: One-Click Findings from Your Pentest
Save credentials, employees, and CVEs during testing. Insert them into multi-page reports with coloured resource chips and quick-start templates.
AI Insights on Attack Surface: Ask Your Targets Questions
Attach IPs and ports, ask questions, get formatted answers. Learn how HackFast AI Insights Briefing and Chat tabs accelerate recon analysis.
Red Team Operations: Shared Context Beats Spreadsheets
How red team operations platforms reduce friction — live shells, shared findings, operator handoffs, and evidence that survives multi-week campaigns.
Directory Enumeration: Gobuster vs ffuf vs feroxbuster
Compare gobuster, ffuf, and feroxbuster for web content discovery. Learn wordlist selection, status code filtering, and how HackFast auto-logs your hits.
Nmap -sV -sC Scanning: Service Detection for Pentesters
Master nmap version detection and default script scanning. Learn to import full script output into HackFast with per-port context preserved.
CredCruncher in 2026: Exact Email Search and Auto Breach Flags
Find leaked credentials with exact email matching, automatic breach indicators on OSINT cards, and one-click save to Report Builder.
Fusion Terminal: Your AI-Powered Pentesting Co-Pilot
Learn how HackFast's Fusion Terminal uses AI to provide real-time insights, exploit suggestions, and attack path recommendations based on your discovered vulnerabilities.
API Route Tracking: Discover and Monitor Endpoints Automatically
Learn how HackFast's API tracker automatically discovers, monitors, and analyzes API endpoints to identify potential security gaps and attack vectors.
Attack Chain Visualization: Map Your Path to Success
Learn how HackFast's Attack Chain visualizer helps you map discovered vulnerabilities into clear, actionable attack paths that show how to achieve your objectives.
CredCruncher: Advanced Credential Discovery and Analysis
Learn how HackFast's CredCruncher helps you discover, analyze, and test credentials across your target infrastructure for effective authentication attacks.
Breach Data Discovery: Find Leaked Credentials Automatically
Learn how HackFast's breach scanning automatically discovers leaked credentials and passwords from data breaches, mapping them to discovered personnel for credential stuffing attacks.
Interactive Report Builder: Create Professional Pentest Reports
Learn how HackFast's interactive report builder lets you create professional penetration test reports by linking data from across your project with simple Tab-to-link functionality.
Complete Guide to API Tracking in Penetration Testing
Master API discovery, documentation, and security testing with HackFast's API Tracking tool. Learn how to systematically map, analyze, and test API endpoints for vulnerabilities.
OSINT Mapping: Discover People and Build Organizational Charts
Learn how HackFast's OSINT mapping tools help you discover key personnel, build organizational hierarchies, and map relationships for social engineering and targeted attacks.
Credential Discovery with HackFast CredCruncher: Complete DeHashed Integration Guide
Master credential discovery and breach data analysis with HackFast CredCruncher. Learn how to leverage DeHashed integration for comprehensive credential enumeration and password analysis.
AI-Powered Attack Chain Building: Visualize and Execute Penetration Testing Paths
Master attack chain visualization and AI-powered attack path generation with HackFast. Learn how to build, optimize, and execute sophisticated penetration testing attack chains.
OSINT People Intelligence: Complete Guide to HackFast OSINT Map
Master OSINT people mapping, company intelligence, and relationship analysis with HackFast OSINT Map. Learn how to build organizational hierarchies and discover digital footprints.
Fusion Terminal: AI-Powered Natural Language Penetration Testing
Master AI-driven penetration testing with HackFast Fusion Terminal. Learn how to execute complex security tasks using natural language commands and intelligent multi-step execution.
Advanced Nmap Techniques for Network Discovery
Master advanced Nmap scanning techniques, stealth methods, and custom scripts for comprehensive network reconnaissance in penetration testing.
Interactive Report Builder: Streamline Penetration Testing Documentation
Master HackFast's Interactive Report Builder for creating professional penetration testing reports. Learn how to build comprehensive, well-organized reports with smart linking and real-time collaboration.
Modern API Security Testing: OWASP API Top 10
Comprehensive guide to API penetration testing covering REST, GraphQL, and WebSocket APIs. Learn to identify and exploit API vulnerabilities effectively.