Recon-ng is a powerful and open-source web reconnaissance framework used for gathering information during penetration testing, security assessments, or red team operations. It is designed for performing automated information gathering and reconnaissance on domains, IP addresses, and other network infrastructure. The tool provides various modules for conducting reconnaissance tasks, which can be extended and customized based on specific needs.
Recon-ng Installation :
Official Github Repo:
git clone https://github.com/lanmaster53/recon-ng.git
In latest versions of kali linux it can be installed directly from the apt libraries but in other linux distributions the installation is as follows :
[recon-ng][default] > help
Commands (type [help|?] <topic>):
---------------------------------
back Exits the current context
dashboard Displays a summary of activity
db Interfaces with the workspace's database
exit Exits the framework
help Displays this menu
index Creates a module index (dev only)
keys Manages third party resource credentials
marketplace Interfaces with the module marketplace
modules Interfaces with installed modules
options Manages the current context options
pdb Starts a Python Debugger session (dev only)
script Records and executes command scripts
shell Executes shell commands
show Shows various framework items
snapshots Manages workspace snapshots
spool Spools output to a file
workspaces Manages workspaces
[recon-ng][default] > marketplace help
Interfaces with the module marketplace
Usage: marketplace <info|install|refresh|remove|search> [...]
Marketplace search , info, search & installation of modules
[recon-ng][default] > marketplace search ssl
[*] Searching module index for 'ssl'...
+----------------------------------------------------------------------------+
| Path | Version | Status | Updated | D | K |
+----------------------------------------------------------------------------+
| recon/domains-hosts/ssl_san | 1.0 | not installed | 2019-06-24 | | |
| recon/hosts-hosts/ssltools | 1.0 | not installed | 2019-06-24 | | |
| recon/ports-hosts/ssl_scan | 1.1 | not installed | 2021-08-24 | | |
+----------------------------------------------------------------------------+
D = Has dependencies. See info for details.
K = Requires keys. See info for details.
[recon-ng][default] > marketplace info recon/domains-hosts/ssl_san
+---------------------------------------------------------------------------------------------------------------------------------------------+
| path | recon/domains-hosts/ssl_san |
| name | SSL SAN Lookup |
| author | Zach Grace (@ztgrace) zgrace@403labs.com and Bryan Onel (@BryanOnel86) onel@oneleet.com |
| version | 1.0 |
| last_updated | 2019-06-24 |
| description | Uses the ssltools.com API to obtain the Subject Alternative Names for a domain. Updates the 'hosts' table with the results. |
| required_keys | [] |
| dependencies | [] |
| files | [] |
| status | not installed |
+---------------------------------------------------------------------------------------------------------------------------------------------+
[recon-ng][default] > marketplace install recon/ports-hosts/ssl_scan
[*] Module installed: recon/ports-hosts/ssl_scan
[*] Reloading modules...
## To install all modules :
[recon-ng][default] > marketplace install all
