ReconPi is a lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.
Installation
Check the updated blogpost here for a complete guide on how to set up your own ReconPi: ReconPi Guide
If you prepared your Raspberry Pi through the guide linked above you should be able to continue below.
Tool v2.0 needs the HypriotOS (V1.10.0) image to work 100%!
Easy Installation
Connect to your ReconPi with SSH:
ssh pirate@192.168.2.16 [Change IP to ReconPi IP]
Curl the install.sh
script and run it:
curl -L https://raw.githubusercontent.com/x1mdev/ReconPi/master/install.sh | bash
Manual Installation
Connect to your ReconPi with SSH:
$ ssh pirate@192.168.2.16 [Change IP to ReconPi IP]
Now we can set up everything, it’s quite simple:
git clone https://github.com/x1mdev/ReconPi.git
cd ReconPi
./install.sh
- The script gives a
reboot
command at the end ofinstall.sh
, please login again to start using the ReconPi.
Grab a cup of coffee since this will take a while.
Also Read – APK-MITM : Android APK Files for HTTPS Inspection
Usage
After installing all of the dependencies for the ReconPi you can finally start doing some recon!
$ recon
recon.sh
will first gather resolvers for the given target, followed by subdomain enumeration and checking those assets for potential subdomain takeover. When this is done the IP addresses of the target are enumerated. Open ports will be discovered accompanied by a service scan provided by Nmap.
Finally the live targets will be screenshotted and evaluated to discover endpoints.
Results will be stored on the Recon Pi and can be viewed by running `python -m SimpleHTTPServer 1337″ in your results directory. Your results will be accessible from any system with a browser that exists in the same network.
Tools
Tools that are being used at this moment:
- HypriotOS
- GO
- Subfinder (now running on native Go)
- aquatone
- httprobe
- assetfinder
- meg
- gobuster
- Amass
- MassDNS
- masscan
- nmap
- CORScanner
- sublert
- bass
- LinkFinder
More tools will be added in the future, feel free to make a pull request!