SimpleSec
Request access
Tools

Every tool SimpleSec uses, mapped to what it does.

We don't reinvent the wheel. SimpleSec orchestrates the same battle-tested open-source tooling your auditor already trusts — then layers AI planning, evidence capture, and approval gates on top.

Recon

Map the attack surface. Discover hosts, services, subdomains, and content before anything intrusive runs.

6 tools

nmap

Industry-standard port and service fingerprinting.

naabu

Fast SYN/CONNECT port scanner from ProjectDiscovery.

subfinder

Passive subdomain enumeration across 30+ sources.

httpx

HTTP probing, status, title, tech detection at scale.

dnsx

Bulk DNS resolution and record enumeration.

katana

Next-gen crawler — discovers endpoints, params, JS files.

Web vulnerability scanners

Find weaknesses in web applications, APIs, and services with proven open-source scanners.

8 tools

nuclei

4,000+ template-driven vulnerability checks.

nikto

Classic web server misconfiguration scanner.

ffuf

Fast directory and parameter fuzzing.

testssl

TLS/SSL configuration and cipher posture audit.

whatweb

Identifies frameworks, CMSes, and versions.

W

wpscan

WordPress core, plugin, and theme vulnerability scan.

kiterunner

Content discovery for modern API endpoints.

arjun

HTTP parameter discovery to surface hidden inputs.

Exploit & validation

Confirm findings are real — not false positives. Targeted exploitation under approval gates.

4 tools

sqlmap

Confirms and exploits SQL injection across DB engines.

dalfox

XSS scanner with proof-of-concept payload generation.

API

OpenAPI probe

Authenticated API surface validation from a spec.

Host discovery

Live host probing across CIDR ranges.

Internal & Active Directory

Once the WireGuard agent is connected, attack the inside the way a foothold attacker would.

8 tools

netexec

Successor to CrackMapExec — SMB, WinRM, MSSQL, LDAP.

Kerberoasting

Extract service tickets for offline cracking.

AS

AS-REP roasting

Capture pre-auth-disabled accounts from Active Directory.

secretsdump

Dump SAM, LSA, and DC secrets via Impacket.

SSH

ssh-audit

SSH server posture, ciphers, key exchange audit.

WinRM exec

Remote PowerShell against Windows targets.

LDAP enum

Domain user, group, and computer enumeration.

SMB enum

Share discovery, signing posture, null session checks.

Database & credentials

Enumerate databases, capture artifacts, audit credential strength with the standard suite.

4 tools

Postgres enum

Database, schema, and table enumeration on Postgres.

MSSQL exec

xp_cmdshell, schema enumeration, role discovery.

hashcat

GPU-accelerated password cracking and rule attacks.

Credential spray

Throttled, approval-gated password spraying.

All of these in one workflow.

You don't install them. You don't glue them together. You launch a scan and SimpleSec runs the right tool at the right time.

Request access See features