Hacking – Reconnaissance
– Active Reconnaissance

Fierce
theHarvester
SubBrute
CeWL
DieBuster
WhatWeb
Maltego
KALI - [whatweb] command

– Passive Reconnaissance

Shodan - https://www.shodan.io 
Censys - https://censys.io/ 
ZoomEye - https://www.zoomeye.org/

Pentest-Tools - https://pentest-tools.com
DNSdumpster - https://dnsdumpster.com
Virustotal - https://www.virustotal.com/
DNSgoodies - http://dnsgoodies.com/
Google Hacking Database - https://www.exploit-db.com/google-hacking-database/
Wolfram Alpha - https://www.wolframalpha.com
YouGetSignal (Reverse IP Lookup) - https://www.yougetsignal.com
PIPL - https://pipl.com (Social Media)
Google Advanced Search/ Google Hacking
Builtwith.com - https://builtwith.com

recon-ng - https://bitbucket.org/LaNMaSteR53/recon-ng
Dnsscan - https://github.com/rbsec/dnscan
Sublist3r - https://github.com/aboul3la/Sublist3r
Aquatone - https://github.com/michenriksen/aquatone

API REST testing tools:
Advanced REST client (Google Chrome plugin)
DHC REST client (google chrome plugin)

API Explorer:
Graph API Explorer (Facebook)
Dropbox API Explorer (Dropbox)

Archives/ Cache

https://archive.org/
http://cachedview.com/

Email Tracking Tools

Email tracker pro - http://www.emailtrackerpro.com
Didtheyreadit - didtheyreadit.com