ehsahil / Recon My Way
This repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271
Programming Languages
c
50402 projects - #5 most used programming language
Projects that are alternatives of or similar to Recon My Way
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1169%)
Mutual labels: security-tools, reconnaissance, recon, bugbounty
Recon Pipeline
An automated target reconnaissance pipeline.
Stars: ✭ 278 (+2.58%)
Mutual labels: security-tools, reconnaissance, recon, bugbounty
Awesome Bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-29.89%)
Mutual labels: security-tools, reconnaissance, recon, bugbounty
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+57.56%)
Mutual labels: security-tools, reconnaissance, recon, bugbounty
Sub-Drill
A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-74.17%)
Mutual labels: recon, bugbounty, reconnaissance
Gitgot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+255.72%)
Mutual labels: security-tools, reconnaissance, recon
Megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (-1.11%)
Mutual labels: reconnaissance, recon, bugbounty
Scilla
🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-57.2%)
Mutual labels: security-tools, reconnaissance, recon
Arl
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+400.74%)
Mutual labels: security-tools, recon, bugbounty
Recsech
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-36.16%)
Mutual labels: security-tools, reconnaissance, recon
targets
A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-68.63%)
Mutual labels: recon, bugbounty, reconnaissance
Git Hound
Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+122.14%)
Mutual labels: security-tools, reconnaissance, recon
Reconky-Automated Bash Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-38.38%)
Mutual labels: recon, bugbounty, reconnaissance
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+1151.29%)
Mutual labels: security-tools, reconnaissance, bugbounty
Deksterecon
Web Application recon automation
Stars: ✭ 109 (-59.78%)
Mutual labels: security-tools, recon, bugbounty
Getjs
A tool to fastly get all javascript sources/files
Stars: ✭ 190 (-29.89%)
Mutual labels: reconnaissance, recon, bugbounty
Autorecon
Simple shell script for automated domain recognition with some tools
Stars: ✭ 244 (-9.96%)
Mutual labels: reconnaissance, recon, bugbounty
Intrec Pack
Intelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-34.69%)
Mutual labels: security-tools, reconnaissance, recon
tugarecon
Pentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-47.6%)
Mutual labels: recon, bugbounty, reconnaissance
Recon My Way.
Tools and scripts setting up guide for personal use.
This repository contains the tools and scripts, I added in my recent blog post "Recon-My way" and I personally use.
Here is my blog post https://medium.com/ehsahil/recon-my-way-82b7e5f62e21
Machine Configuration I use - Debian- 9.4, 4 GB RAM on DigitalOcean (You can use any config but this is recommended)
Important things to Install before setting up tools (Debian Based OS)
Git Installation
sudo apt-get upgrade
sudo apt-get update
sudo apt-get install git
Curl installation.
install curl
Go language installation.
-O https://dl.google.com/go/go1.10.2.linux-amd64.tar.gz
sha256sum go1.10.2-linux-amd64.tar.gz
tar xvf go1.10.2.linux-amd64.tar.gz
sudo chown -R root:root ./go
sudo mv go /usr/local
[email protected]:~# vi ~/.profile
and add the following lines in .profile
export GOPATH=$HOME/work
export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin
source ~/.profile
Cleaing Up
rm -rf go1.10.1.linux-amd64.tar.gz
rm -rf work
Ruby Language installation.
install ruby-full
Pip & pip3 install.
install python-pip
install python3-pip //for python 3
Setting up tools for subdomain.rb & recon.rb.
subdomain.rb
colorize gem install
install colorize
Amass
[email protected]:~# go get -u github.com/OWASP/Amass/...
Aquatone
install aquatone
Knockpy
cd knock
sudo apt-get install python-dnspython
set your virustotal API_KEY
sudo python setup.py install
Subfinder
[email protected]:~# go get github.com/subfinder/subfinder
[email protected]:~# subfinder //test run
Subdomains by censys
install censys
export CENSYS_API_ID=Your_Censys_APP_ID
export CENSYS_API_SECRET=Your_Censys_APP_ID
Sublist3r (No longer using-Optional)
[email protected]:~# git clone https://github.com/aboul3la/Sublist3r.git
cd sublist3r
sudo apt-get install python-requests
sudo pip install -r requirements.txt
recon.rb
Host and other dns utils.
install dnsutils
Nmap
install nmap
AWS CLI
install awscli
[email protected]:~# aws configure //Add your AWS keys
Dirsearch
Usage:
-u https://url.com -e *(or any file extension)
GoBuster
[email protected]:~# cd /usr/local/go
[email protected]:~# go get -u github.com/OJ/gobuster
[email protected]:~# gobuster //test run
Note: All credits goes to the original developers of the tools listed in this repository. I do not own any of the tool listed in this repository.
Contributors
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].