It would be helpful (nice list thanks) to mention which plugins are not free such as: 6. Wappalyzer

I have tried this before it is good but it is not free.

I would also strongly recommend:

retire.js extension - identify vuln JS libs

link grabber - extract all links from page

Proxy Omega -switch between proxys quick

SAML tracer - decode saml authentication

also..

shodan- shows u alot of potential attack vectors on the site

Pentest toolkit - in beta . has promise

dj substance