1) collect information on the target
readnotify.com make sure if you email get to the destionation
maltego on https://www.paterva.com inorder to get all the information on personal data in the web
netcraft.org Whois information on the website
archive.org Historical information on the website
database exploit https://www.exploit-db.com/
2) Scanning tools
Nmap https://nmap.org/ for visual interface
Nessus scanning network for exploits
Cain & Abel can be downloaded on oxid.it
hping3 tool Active Network Security Tool