ReconPi : A Lightweight Recon Tool That Performs Extensive Scanning

ReconPi is a lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.

Installation

Check the updated blogpost here for a complete guide on how to set up your own ReconPi: ReconPi Guide

If you prepared your Raspberry Pi through the guide linked above you should be able to continue below.

Tool v2.0 needs the HypriotOS (V1.10.0) image to work 100%!

Easy Installation

Connect to your ReconPi with SSH:

ssh pirate@192.168.2.16 [Change IP to ReconPi IP]

Curl the install.sh script and run it:

curl -L https://raw.githubusercontent.com/x1mdev/ReconPi/master/install.sh | bash

Manual Installation

Connect to your ReconPi with SSH:

$ ssh pirate@192.168.2.16 [Change IP to ReconPi IP]

Now we can set up everything, it’s quite simple:

  • git clone https://github.com/x1mdev/ReconPi.git
  • cd ReconPi
  • ./install.sh
  • The script gives a reboot command at the end of install.sh, please login again to start using the ReconPi.

Grab a cup of coffee since this will take a while.

Also Read – APK-MITM : Android APK Files for HTTPS Inspection

Usage

After installing all of the dependencies for the ReconPi you can finally start doing some recon!

$ recon

recon.sh will first gather resolvers for the given target, followed by subdomain enumeration and checking those assets for potential subdomain takeover. When this is done the IP addresses of the target are enumerated. Open ports will be discovered accompanied by a service scan provided by Nmap.

Finally the live targets will be screenshotted and evaluated to discover endpoints.

Results will be stored on the Recon Pi and can be viewed by running `python -m SimpleHTTPServer 1337″ in your results directory. Your results will be accessible from any system with a browser that exists in the same network.

Tools

Tools that are being used at this moment:

More tools will be added in the future, feel free to make a pull request!