Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

Related tags

Security related resources recon-ng
Overview

The Recon-ng Framework

Recon-ng content now available on Pluralsight!

Recon-ng is a full-featured reconnaissance framework designed with the goal of providing a powerful environment to conduct open source web-based reconnaissance quickly and thoroughly.

Recon-ng has a look and feel similar to the Metasploit Framework, reducing the learning curve for leveraging the framework. However, it is quite different. Recon-ng is not intended to compete with existing frameworks, as it is designed exclusively for web-based open source reconnaissance. If you want to exploit, use the Metasploit Framework. If you want to social engineer, use the Social-Engineer Toolkit. If you want to conduct reconnaissance, use Recon-ng! See the Wiki to get started.

Recon-ng is a completely modular framework and makes it easy for even the newest of Python developers to contribute. See the Development Guide for more information on building and maintaining modules.

Sponsors

Black Hills Information Security


Practical Security Services

Donations

Recon-ng is free software. However, large amounts of time and effort go into its continued development. If you are interested in financially supporting the project, you can view and assist in marketing the Pluralsight content, or send a donation to tjt1980[at]gmail.com via PayPal. Thank you.

Comments
  • Not working: recon-ng in Kali (Windows Subsystem for Linux (WSL))

    Not working: recon-ng in Kali (Windows Subsystem for Linux (WSL))

    I have recon-ng installed in Kali running as a windows subsystem. When I start by typing ./recon-ng it starts but says: [*] No modules enabled/installed. (see screenshot).

    Is this because running Kali as a subsystem for Linux is causing problems, or something else?

    Screenshot: Screenshot from recon-ng

    opened by HeeresS 17
  • bing_domain_web module error

    bing_domain_web module error

    When run command is sent to bing_domain_web module the following error is returned

    [!] Name 'urllib' is not defined. [!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

    opened by ghost 14
  • Issue 'HTMLParser' object has no attribute 'unescape'.

    Issue 'HTMLParser' object has no attribute 'unescape'.

    I am trying to use recon-ng to do a scan, the steps below all work until it gets to the end of the scan.

    recon-ng marketplace refresh marketplace install all modules search modules load recon/domains-contacts/pgp_search info options set SOURCE website run

    Soon as I hit run I get the following error:

    [!] 'HTMLParser' object has no attribute 'unescape'. [!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

    I then did "options set verbosity 2" and redone the scan, this time it showed:

    Traceback (most recent call last):
    File "/usr/share/recon-ng/recon/core/module.py", line 347, in do_run
    self.run()
    File "/usr/share/recon-ng/recon/core/module.py", line 341, in run
    self.module_run(*params)
    File "/home/kali/.recon-ng/modules/recon/domains-contacts/pgp_search.py", line 42, in module_run
    fname, mname, lname = parse_name(name)
    File "/usr/share/recon-ng/recon/utils/parsers.py", line 16, in parse_name
    elements = [h.unescape(x) for x in s.strip().split()]
    File "/usr/share/recon-ng/recon/utils/parsers.py", line 16, in
    elements = [h.unescape(x) for x in s.strip().split()]
    AttributeError: 'HTMLParser' object has no attribute 'unescape'

    [!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

    From doing research HTMLParser.unescape was removed from Python since version 3.9.0a1 so can we get a fix for this as nothing works.

    I am currently using Kali Linux 64-Bit (Installer) with all updates done.

    opened by ghost 12
  • [!] Unable to synchronize module index. (ConnectionError).

    [!] Unable to synchronize module index. (ConnectionError).

    I try many ways to solve it ,unforturnaly its can't succeed !!! how can solve this problom? environment : in Vmware install kali linux i can connect internet!!!

    opened by CLXgithub 11
  • recon-ng

    recon-ng", line 16

    root@xxxx:/opt/ferramentas/osint/recon-ng# python3 recon-ng File "recon-ng", line 16 print(f"{Colors.R}[!] Module 'readline' not available. Tab complete disabled.{Colors.N}") ^ Help men

    opened by meetgyn 10
  • findsubdomains module 'lxml' has no attribute 'html'

    findsubdomains module 'lxml' has no attribute 'html'

    Installed recon-ng 5.0.1 from apt repository and tried out findsubdomains module.

    options set SOURCE website.site [!] Module 'lxml' has no attribute 'html'

    opened by l4jos 8
  • Syntax error on start up

    Syntax error on start up

    Just installed Recon-ng but when I am starting the program I get this syntax error:

    File "./recon-ng", line 16 print(f"{Colors.R}[!] Module 'readline' not available. Tab complete disabled.{Colors.N}")

    Has a modification been done on this line?

       Art
    opened by Artook10 7
  • Python >= 3.6.0 setup issue with pip requirements (jsonschema needs to be prior to 3.0.0)

    Python >= 3.6.0 setup issue with pip requirements (jsonschema needs to be prior to 3.0.0)

    I am using python 3.8.1 via pyenv, and I get the following when attempting to pip install -r REQUIREMENTS"

    pip install -r REQUIREMENTS [truncated] ERROR: flasgger 0.9.3 has requirement jsonschema<3.0.0, but you'll have jsonschema 3.2.0 which is incompatible.

    This can be easily addressed by issuing the following command: pip install 'jsonschema==2.6.0'

    bug 
    opened by jabberwock 7
  • Is it possible to execute a task through through the web-server

    Is it possible to execute a task through through the web-server

    Hello!

    I run the recon-ng web server by ./recon-web and create a new task by passing path through POST /tasks and see my tasks in a list ...

    Screenshot from 2019-11-20 22-37-45

    So. If it is in the list with status queued how to execute it? I could not find any mention about it on API endpoints.

    I am wondering cause it looks like API has all the features about how to prepare module and task to run but I could not get hot to execute it...

    opened by makstakeda 7
  • Please add a notes column to the ports table in the database

    Please add a notes column to the ports table in the database

    Would it be possible to please add a "notes" column to the "ports" table as freeform text, so modules can put notes about the port. This could include service information as imported from Nmap, for example.

    opened by 0xd0ug 7
  • Me again, i know.

    Me again, i know.

    Yep, its me again. Where in the wiki would i find the new syntax? Trying to set a location this tine after setting source ip using ipinfodb Thanks in advance!

    opened by ben-17benson 6
  • Problem on modules load recon/profiles-profiles/profiler

    Problem on modules load recon/profiles-profiles/profiler

    Sorry if I am posting something of stupid. I have this problem on recon-ng [recon-ng][reconnaissance] > modules load recon/profiles-profiles/profiler [recon-ng][reconnaissance][profiler] > options set SOURCE MarkZuckerberg SOURCE => MarkZuckerberg [recon-ng][reconnaissance][profiler] > run

    [*] Retrieving https://raw.githubusercontent.com/WebBreacher/WhatsMyName/master/web_accounts_list.json...

    Looking Up Data For: Markzuckerberg

    [!] Extra data: line 1 column 4 - line 1 column 15 (char 3 - 14). [!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting. [recon-ng][reconnaissance][profiler] >

    opened by gioguanuo 1
  • [!] Unable to synchronize module index. (ConnectTimeout).

    [!] Unable to synchronize module index. (ConnectTimeout).

    Hi, I am using the updated recon-ng (v5.1.2) and installed it using the apt package manager while running the tool get started but at the top there is an error shown below in image. When I try to run 'marketplace search domain' I get an error showing me usage but I am unable to figure out. All the steps I tried to solve it are shown in image below. Kindly provide the assistance in solving this issue. Recon-ng_error

    opened by LOKESHG1234 0
  • Version Check failed (ConnectionError)

    Version Check failed (ConnectionError)

    I've tried changing the PROXY ,refreshing the marketplace but this problem still persist can anyone please provide a solution for this or recommend some other tool for the same

    Screenshot_20221218_134316

    opened by sannidhya004 1
  • Profiller issue.

    Profiller issue.

    After running profiler:

    Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/requests/models.py", line 910, in json
    return complexjson.loads(self.text, **kwargs)
    File "/usr/lib/python3/dist-packages/simplejson/init.py", line 525, in loads
    return _default_decoder.decode(s)
    File "/usr/lib/python3/dist-packages/simplejson/decoder.py", line 373, in decode
    raise JSONDecodeError("Extra data", s, end, len(s))
    simplejson.errors.JSONDecodeError: Extra data: line 1 column 4 - line 1 column 15 (char 3 - 14)

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File "/usr/share/recon-ng/recon/core/module.py", line 342, in do_run
    self.run()
    File "/usr/share/recon-ng/recon/core/module.py", line 336, in run
    self.module_run(*params)
    File "/home/kali/.recon-ng/modules/recon/profiles-profiles/profiler.py", line 26, in module_run
    self.thread(resp.json()['sites'], user)
    File "/usr/lib/python3/dist-packages/requests/models.py", line 917, in json
    raise RequestsJSONDecodeError(e.msg, e.doc, e.pos)
    requests.exceptions.JSONDecodeError: [Errno Extra data] 404: Not Found: 3

    [!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

    opened by michaelpotter16 3
  • [recon/domains-hosts/threatcrowd] Modules Error

    [recon/domains-hosts/threatcrowd] Modules Error

    Hi brother, I have a problem when I run the module "recon/domains-hosts/threatcrowd"

    Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/requests/models.py", line 910, in json
    return complexjson.loads(self.text, **kwargs)
  File "/usr/lib/python3/dist-packages/simplejson/__init__.py", line 525, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python3/dist-packages/simplejson/decoder.py", line 370, in decode
    obj, end = self.raw_decode(s)
  File "/usr/lib/python3/dist-packages/simplejson/decoder.py", line 400, in raw_decode
    return self.scan_once(s, idx=_w(s, idx).end())
simplejson.errors.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/share/recon-ng/recon/core/module.py", line 342, in do_run
    self.run()
  File "/usr/share/recon-ng/recon/core/module.py", line 336, in run
    self.module_run(*params)
  File "/recon-ng/modules/recon/domains-hosts/threatcrowd.py", line 17, in module_run
    if resp.json().get('response_code') == '1':
  File "/usr/lib/python3/dist-packages/requests/models.py", line 917, in json
    raise RequestsJSONDecodeError(e.msg, e.doc, e.pos)
requests.exceptions.JSONDecodeError: [Errno Expecting value] <html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h1>503 Service Temporarily Unavailable</h1></center>
</body>
</html>
: 0
------------------------------------------------------------
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

    please help me, this tool is very important

    opened by k0x00 0
  • [recon/domains-hosts/ssl_san ] Modules Error

    [recon/domains-hosts/ssl_san ] Modules Error

    Hi brother, I have a problem when I run the module "recon/domains-hosts/ssl_san"

    ------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/requests/models.py", line 910, in json
    return complexjson.loads(self.text, **kwargs)
  File "/usr/lib/python3/dist-packages/simplejson/__init__.py", line 525, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python3/dist-packages/simplejson/decoder.py", line 370, in decode
    obj, end = self.raw_decode(s)
  File "/usr/lib/python3/dist-packages/simplejson/decoder.py", line 400, in raw_decode
    return self.scan_once(s, idx=_w(s, idx).end())
simplejson.errors.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/recon-ng-master/recon/core/module.py", line 342, in do_run
    self.run()
  File "/recon-ng-master/recon/core/module.py", line 336, in run
    self.module_run(*params)
  File "/recon-ng/modules/recon/domains-hosts/ssl_san.py", line 19, in module_run
    if not resp.json()['response']:
  File "/usr/lib/python3/dist-packages/requests/models.py", line 917, in json
    raise RequestsJSONDecodeError(e.msg, e.doc, e.pos)
requests.exceptions.JSONDecodeError: [Errno Expecting value] <!DOCTYPE html>
<html>

<head>
    <meta charset="UTF-8">
    <meta name=viewport content="width=device-width, initial-scale=1">
    <title>Page Not Found</title>
    <link href="dist/css/bootstrap.min.css" rel="stylesheet">
    <link href="dist/css/bootsharp.min.css" rel="stylesheet">
    <link href="dist/img/favicon.ico" rel="icon">
</head>

<body>
    <!--Modal to show certificate body-->
    <div class="modal fade" id="certModal" tabindex="-1" role="dialog" aria-labelledby="certeModalLabel">
        <div class="modal-dialog" role="document">
            <div class="modal-content">
                <div class="modal-header">
                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                        <span aria-hidden="true">&times;</span>
                    </button>
                    <h4 class="modal-title" id="certModalLabel"></h4>
                </div>
                <div class="modal-body">
                    <tt id="cert_body"></tt>
                </div>
                <div class="modal-footer">
                    <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
                </div>
            </div>
        </div>
    </div>
    <nav class="navbar navbar-default" id="navbar">
        <div class="container-fluid">
            <!-- Brand and toggle get grouped for better mobile display -->
            <div class="navbar-header">
                <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1"
                    aria-expanded="false">
                    <span class="sr-only">Toggle navigation</span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                </button>
                <a class="navbar-brand" href="/">SSL Tools</a>
            </div>
            <!-- Collect the nav links, forms, and other content for toggling -->
            <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
                <ul class="nav navbar-nav">
                    <li>
                        <a id="scanner_btn" style="cursor: pointer;" href="/">Scanner</a>
                    </li>
                    <li>
                        <a id="decoder_btn" style="cursor: pointer;" href="/decoder">Decoder</a>
                    </li>
                    <li>
                        <a id="suggestions_btn" style="cursor: pointer;" href="/suggestions">Suggestions</a>
                    </li>
                </ul>

            </div>
            <!-- /.container-fluid -->
    </nav>
    <br>
    <br>
    <br>
    <div>
        <h1 class="text-center">Whoops. Probably should have stopped and asked for directions...</h1>
    </div>

</body>
<script language="javascript" type="text/javascript" src="dist/js/jquery.min.js"></script>
<script language="javascript" type="text/javascript" src="dist/js/bootstrap.min.js"></script>


</html>: 0
------------------------------------------------------------
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

    please help me, this tool is very important

    opened by k0x00 0
Owner
null
GitHub
A windows post exploitation tool that contains a lot of features for information gathering and more.

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

null 29 Nov 20, 2022
Mr.Holmes is a information gathering tool (OSINT)

?? Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t

null 534 Jan 8, 2023
Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source

Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg

m4ll0k (mallok) 1.8k Jan 4, 2023
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu

HubbleStack 368 Jan 4, 2023
🔍 IRIS: An open-source intelligence framework

IRIS is an open-source OSINT framework, consisting of modules to find information about a target by scraping sites and fetching data from APIs.

IRIS 79 Dec 20, 2022
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ

Steven Black 22.1k Jan 2, 2023
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

null 3 Apr 9, 2022
A collection of intelligence about Log4Shell and its exploitation activity

Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex

Curated Intel 172 Nov 17, 2022
This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

Vacuum-Cleaner Python3 This is a Python3 agent that implements a simulator for a vacuum cleaner and it is introduction to Artificial Intelligence. A s

Abdultawwab Safarji 6 Nov 14, 2022
Open Source Tool - Cybersecurity Graph Database in Neo4j

GraphKer Open Source Tool - Cybersecurity Graph Database in Neo4j |G|r|a|p|h|K|e|r| { open source tool for a cybersecurity graph database in neo4j } W

Adamantios - Marios Berzovitis 27 Dec 6, 2022
Scout Suite - an open source multi-cloud security-auditing tool,

Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t

NCC Group Plc 5k Jan 5, 2023
A Python tool to automate some dorking stuff to find information disclosures.

WebDork v1.0.3 A open-source tool to find publicly available sensitive information about Companies/Organisations! WebDork A Python tool to automate so

Rahul rc 123 Jan 8, 2023
A traceroute tool that also displays IP information

infotr A traceroute tool that also displays IP information. This tool has only been tested on Linux. Quick Start First, install this tool from PyPI. p

K4YT3X 10 Oct 29, 2022
This tool ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes.

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes. secure development, if currently supported, possible backdoors (malicious embedded code), typosquatting analysis, the history of versions and reported vulnerabilities (CVEs) of the package.

Telefónica 66 Nov 8, 2022
OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238.

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238. It generates and validates OTPs based

null 1 Nov 15, 2021
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

null 136 Dec 13, 2022
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
A tool for making python source difficult to read.

obscurepy Description A tool for obscuring, or making python source code difficult to read. Table of Contents Installation Limitations Usage Disclaime

Andrew Christiansen 10 Jul 31, 2022
Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

Mateo Hanžek 1 Jan 14, 2022