FinalRecon : OSINT Tool for All-In-One Web Reconnaissance

FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease.

Features

It provides detailed information such as :

  • Header Information
  • Whois
  • SSL Certificate Information
  • Crawler
  • DNS Enumeration
    • A, AAAA, ANY, CNAME, MX, NS, SOA, TXT Records
    • DMARC Records
  • Subdomain Enumeration
    • Data Sources
      • BuffOver
      • crt.sh
      • ThreatCrowd
      • AnubisDB
      • ThreatMiner
  • Traceroute
    • Protocols
      • UDP
      • TCP
      • ICMP
  • Directory Searching
  • Port Scan
    • Fast
    • Top 1000 Ports
    • Open Ports with Standard Services
  • Export
    • Formats
      • txt
      • xml
      • csv

Also Read – Lazydocker : The Lazier Way To Manage Everything Docker

Screenshots

  • Header Information
  • WHOIS
  • SSL Certificate Details
  • Crawler
  • DNS Enumeration
  • Subdomain Enumeration
  • Traceroute
  • Directory Searching
  • Port Scan

Tested On

  • Kali Linux 2019.1
  • BlackArch Linux

Installation

git clone https://github.com/thewhiteh4t/FinalRecon.git
cd FinalRecon
pip3 install -r requirements.txt

Usage

python3 finalrecon.py -h

Usage: finalrecon.py [-h] [–headers] [–sslinfo] [–whois] [–crawl] [–dns] [–sub] [–trace] [–dir] [–ps] [–full] [-t T] [-T T] [-w W] [-r] [-s] [-d D] [-m M] [-p P] [-tt TT] [-o O] url

FinalRecon – OSINT Tool for All-In-One Web Recon | v1.0.2

Positional arguments:
url Target URL

Optional arguments:
-h, –help show this help message and exit
–headers Header Information
–sslinfo SSL Certificate Information
–whois Whois Lookup
–crawl Crawl Target
–dns DNS Enumeration
–sub Sub-Domain Enumeration
–trace Traceroute
–dir Directory Search
–ps Fast Port Scan
–full Full Recon

Extra Options:
-t T Number of Threads [ Default : 50 ]
-T T Request Timeout [ Default : 10.0 ]
-w W Path to Wordlist [ Default : wordlists/dirb_common.txt ]
-r Allow Redirect [ Default : False ]
-s Toggle SSL Verification [ Default : True ]
-d D Custom DNS Servers [ Default : 1.1.1.1 ]
-m M Traceroute Mode [ Default : UDP ] [ Available : TCP, ICMP ]
-p P Port for Traceroute [ Default : 80 / 33434 ]
-tt TT Traceroute Timeout [ Default : 1.0 ]
-o O Export Output [ Default : txt ] [ Available : xml, csv ]

  • Check headers

python3 finalrecon.py –headers

  • Check ssl Certificate

python3 finalrecon.py –sslinfo

  • Check whois Information

python3 finalrecon.py –whois

  • Crawl Target

python3 finalrecon.py –crawl

  • Full scan

python3 finalrecon.py –full

Demo

Download
R K

Share
Published by
R K
Tags: All-In-OneFinalReconOSINTReconnaissance
5 years ago

Recent Posts

garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security

garak checks if an LLM can be made to fail in a way we don't…

4 hours ago

Vermilion : Mastering Linux Post-Exploitation For Red Team Success

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…

4 hours ago

AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration

ADCFFS is a PowerShell script that can be used to exploit the AD CS container…

4 hours ago

Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories

Tartufo will, by default, scan the entire history of a git repository for any text…

4 hours ago

Loco : A Rails-Inspired Framework For Rust Developers

Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…

1 day ago

Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files

A data hoarder’s dream come true: bundle any web page into a single HTML file.…

1 day ago