Questions

1. What's a good tool for finding hidden directories and secret files on a site?
2. How and where can you find a map of the site's architecture? How can you create one if it's not already there?
3. How can you safely create a map of an application's attack surface without using scanners or automated scripts?
4. What's a common resource in Python for scraping websites?
5. What are some advantages to writing scripts according to the Unix philosophy (single-purpose, connectable, built around text)?
6. What's a good resource for finding XSS submissions, SQLi snippets, and other fuzzing inputs?
7. What's a good resource for discovering DNS info associated with a target?