GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → thewhiteh4t → Finalrecon

thewhiteh4t / Finalrecon

Licence: mit
The Last Web Recon Tool You'll Need

Programming Languages

python
139335 projects - #7 most used programming language
python3
1442 projects

Labels

pentestingcrawlerpentest-toolreconnaissancessl-certificatewhoisheaderstraceroute

Projects that are alternatives of or similar to Finalrecon

Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+160.36%)
Mutual labels:  pentesting, pentest-tool, reconnaissance
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-39.08%)
Mutual labels:  pentesting, pentest-tool, reconnaissance
Crips
IP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (-69.37%)
Mutual labels:  whois, traceroute, pentesting
Eyes
👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-95.72%)
Mutual labels:  pentesting, pentest-tool, reconnaissance
Getaltname
Extract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-63.96%)
Mutual labels:  pentesting, pentest-tool, ssl-certificate
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+451.46%)
Mutual labels:  pentest-tool, pentesting
Thc Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-46.62%)
Mutual labels:  pentesting, pentest-tool
Yasuo
A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-41.78%)
Mutual labels:  pentesting, pentest-tool
Habu
Hacking Toolkit
Stars: ✭ 635 (-28.49%)
Mutual labels:  pentesting, pentest-tool
Ehtools
Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (-52.48%)
Mutual labels:  pentesting, pentest-tool
Thc Hydra
hydra
Stars: ✭ 5,645 (+535.7%)
Mutual labels:  pentesting, pentest-tool
Sn0int
Semi-automatic OSINT framework and package manager
Stars: ✭ 814 (-8.33%)
Mutual labels:  pentesting, reconnaissance
Nullinux
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (-49.21%)
Mutual labels:  pentesting, pentest-tool
Justtryharder
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-49.32%)
Mutual labels:  pentesting, pentest-tool
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-43.69%)
Mutual labels:  pentesting, pentest-tool
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-51.91%)
Mutual labels:  pentesting, reconnaissance
Lockdoor Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (-23.76%)
Mutual labels:  pentesting, pentest-tool
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+715.99%)
Mutual labels:  pentesting, pentest-tool
Exploitpack
Exploit Pack -The next generation exploit framework
Stars: ✭ 728 (-18.02%)
Mutual labels:  pentesting, pentest-tool
Perun
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (-12.95%)
Mutual labels:  pentesting, pentest-tool
View All Similar Projects ➔

Twitter - Telegram - thewhiteh4t's Blog

FinalRecon is an automatic web reconnaissance tool written in python. Goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results. Instead of executing several tools one after another it can provide similar results keeping dependencies small and simple.

Available In

kali linux finalrecon blackarch finalrecon secbsd finalrecon tsurugi linux finalrecon tracelabs finalrecon

Featured

Python For OSINT

NullByte

Hakin9

Features

FinalRecon provides detailed information such as :

  • Header Information

  • Whois

  • SSL Certificate Information

  • Crawler

    • html
      • CSS
      • Javascripts
      • Internal Links
      • External Links
      • Images
    • robots
    • sitemaps
    • Links inside Javascripts
    • Links from Wayback Machine from Last 1 Year

  • DNS Enumeration

    • A, AAAA, ANY, CNAME, MX, NS, SOA, TXT Records
    • DMARC Records

  • Subdomain Enumeration

    • Data Sources
      • BuffOver
      • crt.sh
      • ThreatCrowd
      • AnubisDB
      • ThreatMiner
      • Facebook Certificate Transparency API
        • Auth Token is Required for this source, read Configuration below
      • VirusTotal
        • API Key is Required
      • CertSpotter

  • Traceroute

    • Protocols
      • UDP
      • TCP
      • ICMP

  • Directory Searching

    • Support for File Extensions
    • Directories from Wayback Machine from Last 1 Year

  • Port Scan

    • Fast
    • Top 1000 Ports
    • Open Ports with Standard Services

  • Export

    • Formats
      • txt
      • xml
      • csv

Configuration

API Keys

Some Modules Use API Keys to fetch data from different resources, these are optional, if you are not using an API key, they will be simply skipped. If you are interested in using these resources you can store your API key in keys.json file.

Path --> $HOME/.config/finalrecon/conf/keys.json

If you dont want to use a key for a certain data source just set its value to null, by default values of all available data sources are null.

Facebook Developers API

This data source is used to fetch Certificate Transparency data which is used in Sub Domain Enumeration

Key Format : APP-ID|APP-SECRET

Example :

{
  "facebook": "9go1kx9icpua5cm|20yhraldrxt6fi6z43r3a6ci2vckkst3"
}

Read More : https://developers.facebook.com/docs/facebook-login/access-tokens

VirusTotal API

This data source is used to fetch Sub Domains which are used in Sub Domain Enumeration

Key Format : KEY

Example :

{
	"virustotal": "eu4zc5f0skv15fnw54nkhj4m26zbteh9409aklpxhfpp68s8d4l63pn13rsojt9y"
}

Tested on

  • Kali Linux
  • BlackArch Linux

FinalRecon is a tool for Pentesters and it's designed for Linux based Operating Systems, other platforms like Windows and Termux are NOT supported.

Installation

Kali Linux

sudo apt install finalrecon

BlackArch Linux

sudo pacman -S finalrecon

SecBSD

doas pkg_add finalrecon

Other Linux

git clone https://github.com/thewhiteh4t/FinalRecon.git
cd FinalRecon
pip3 install -r requirements.txt

Docker

docker pull thewhiteh4t/finalrecon
docker run -it --entrypoint /bin/sh thewhiteh4t/finalrecon

Usage

python3 finalrecon.py -h

usage: finalrecon.py [-h] [--headers] [--sslinfo] [--whois] [--crawl] [--dns] [--sub]
                     [--trace] [--dir] [--ps] [--full] [-t T] [-T T] [-w W] [-r] [-s]
                     [-sp SP] [-d D] [-e E] [-m M] [-p P] [-tt TT] [-o O]
                     url

FinalRecon - The Last Web Recon Tool You Will Need | v1.1.0

positional arguments:
  url         Target URL

optional arguments:
  -h, --help  show this help message and exit
  --headers   Header Information
  --sslinfo   SSL Certificate Information
  --whois     Whois Lookup
  --crawl     Crawl Target
  --dns       DNS Enumeration
  --sub       Sub-Domain Enumeration
  --trace     Traceroute
  --dir       Directory Search
  --ps        Fast Port Scan
  --full      Full Recon

Extra Options:
  -t T        Number of Threads [ Default : 30 ]
  -T T        Request Timeout [ Default : 30.0 ]
  -w W        Path to Wordlist [ Default : wordlists/dirb_common.txt ]
  -r          Allow Redirect [ Default : False ]
  -s          Toggle SSL Verification [ Default : True ]
  -sp SP      Specify SSL Port [ Default : 443 ]
  -d D        Custom DNS Servers [ Default : 1.1.1.1 ]
  -e E        File Extensions [ Example : txt, xml, php ]
  -m M        Traceroute Mode [ Default : UDP ] [ Available : TCP, ICMP ]
  -p P        Port for Traceroute [ Default : 80 / 33434 ]
  -tt TT      Traceroute Timeout [ Default : 1.0 ]
  -o O        Export Output [ Default : txt ] [ Available : xml, csv ]

# Check headers

python3 finalrecon.py --headers <url>

# Check ssl Certificate

python3 finalrecon.py --sslinfo <url>

# Check whois Information

python3 finalrecon.py --whois <url>

# Crawl Target

python3 finalrecon.py --crawl <url>

# Directory Searching

python3 finalrecon.py --dir <url> -e txt,php -w /path/to/wordlist

# full scan

python3 finalrecon.py --full <url>

Demo

Youtube

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].