Giters

h0tak88r / Recon88r

Python/Bash automation customization script designed to automate the reconnaissance process

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Recon88r Script

This Python script automates the reconnaissance process for penetration testers and bug hunters. It is designed to streamline subdomain enumeration, port scanning, template-based scanning, XSS, JS file analysis, and searching for exposed panels. The script sends live results via Discord, eliminating the need to manually check logs. It can be run as a cron job or within a tmux session, allowing users to efficiently await results.

Prerequisites

Before using the script, ensure you have the following tools and dependencies installed:

Setup

  1. Clone the repository:

    git clone https://github.com/h0tak88r/Recon88r.git

  2. Navigate to the script directory:

    cd Recon88r

  3. Set up a virtual environment (optional but recommended):

    python -m venv venv
source venv/bin/activate  # On Windows, use 'venv\Scripts\activate'

  4. Install the required prerequisites:

    bash install.sh

  5. Configure Discord Webhook URL in the Notify tool configuration file:

    nano $HOME/.config/notify/provider-config.yaml

Usage

Run the script with the desired options to perform reconnaissance tasks. Below are some examples:

python3 recon88r.py -d wurl.com -ps -ac -p -nt -nf -ep -js -xss -f -wh your_discord_webhook_url

Available Options:

  • -d, --domain: Target domain for reconnaissance (required).
  • -ps, --passive: Perform passive subdomain enumeration.
  • -ac --active : Active subdoamins enumeration
  • -p, --portscan: Perform port scanning.
  • -nt, --new-templates: Scan with newly added templates to the nuclei templates repo.
  • -nf, --nuclei-full: Perform a full nuclei scan.
  • -ep, --exposed-panels: Perform Panels dorking with nuclei templates.
  • -js, --js-exposures: Perform JS Exposures.
  • -sl, --subs-file: Path to the subdomains file(Sometimes you got the subdomains from other tools and wanna do just the other features only so pass the subs list and enjoy other features).
  • -xss, --xss-scan: Perform XSS scans.
  • -wh, --webhook: Webhook URL for Discord.
  • '-f, --fuzzing': Fuzzing with GET/POST using various techniques.

Workflow Mind-Map

url -> https://xmind.works/share/jhW6EyeZ Recon88r py Workflow-Map 1

Bash Version

  • Simply run it using command bash recon88r.sh

Contributing

If you encounter any issues or have suggestions for improvements, feel free to open an issue or submit a pull request. Collaboration is welcome, and don't hesitate to reach out for assistance.

About

Python/Bash automation customization script designed to automate the reconnaissance process

Languages

Language:Python 69.1%Language:Shell 30.9%