Skip to content

OSINT Tool for All-In-One Web Reconnaissance

License

Notifications You must be signed in to change notification settings

inc775/FinalRecon

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Twitter - Telegram - thewhiteh4t's Blog

Available in

FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease.

Featured

NullByte

Hakin9

Features

FinalRecon provides detailed information such as :

  • Header Information

  • Whois

  • SSL Certificate Information

  • Crawler

  • DNS Enumeration

    • A, AAAA, ANY, CNAME, MX, NS, SOA, TXT Records
    • DMARC Records
  • Subdomain Enumeration

    • Data Sources
      • BuffOver
      • crt.sh
      • ThreatCrowd
      • AnubisDB
      • ThreatMiner
  • Traceroute

    • Protocols
      • UDP
      • TCP
      • ICMP
  • Directory Searching

  • Port Scan

    • Fast
    • Top 1000 Ports
    • Open Ports with Standard Services
  • Export

    • Formats
      • txt
      • xml
      • csv

Screenshots

Header Information

WHOIS

SSL Certificate Details

Found Flag in SSL Certificate - Securinets CTF Quals 2019 - Hidden (200 Points)

Crawler

DNS Enumeration

HackTheBox OSINT Challenge

Subdomain Enumeration

Traceroute

Directory Searching

Port Scan

Tested on

  • Kali Linux 2019.1
  • BlackArch Linux

Installation

git clone https://github.com/thewhiteh4t/FinalRecon.git
cd FinalRecon
pip3 install -r requirements.txt

Usage

python3 finalrecon.py -h

usage: finalrecon.py [-h] [--headers] [--sslinfo] [--whois] [--crawl] [--dns] [--sub] [--trace] [--dir] [--ps]
                     [--full] [-t T] [-T T] [-w W] [-r] [-s] [-d D] [-m M] [-p P] [-tt TT] [-o O]
                     url

FinalRecon - OSINT Tool for All-In-One Web Recon | v1.0.2

positional arguments:
  url         Target URL

optional arguments:
  -h, --help  show this help message and exit
  --headers   Header Information
  --sslinfo   SSL Certificate Information
  --whois     Whois Lookup
  --crawl     Crawl Target
  --dns       DNS Enumeration
  --sub       Sub-Domain Enumeration
  --trace     Traceroute
  --dir       Directory Search
  --ps        Fast Port Scan
  --full      Full Recon

Extra Options:
  -t T        Number of Threads [ Default : 50 ]
  -T T        Request Timeout [ Default : 10.0 ]
  -w W        Path to Wordlist [ Default : wordlists/dirb_common.txt ]
  -r          Allow Redirect [ Default : False ]
  -s          Toggle SSL Verification [ Default : True ]
  -d D        Custom DNS Servers [ Default : 1.1.1.1 ]
  -m M        Traceroute Mode [ Default : UDP ] [ Available : TCP, ICMP ]
  -p P        Port for Traceroute [ Default : 80 / 33434 ]
  -tt TT      Traceroute Timeout [ Default : 1.0 ]
  -o O        Export Output [ Default : txt ] [ Available : xml, csv ]
# Check headers

python3 finalrecon.py --headers <url>

# Check ssl Certificate

python3 finalrecon.py --sslinfo <url>

# Check whois Information

python3 finalrecon.py --whois <url>

# Crawl Target

python3 finalrecon.py --crawl <url>

# full scan

python3 finalrecon.py --full <url>

Demo

Youtube

About

OSINT Tool for All-In-One Web Reconnaissance

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%