ReconPal : Leveraging NLP For Infosec

Recon is one of the most important phases that seem easy but takes a lot of effort and skill to do right. One needs to know about the right tools, correct queries/syntax, run those queries, correlate the information, and sanitize the output. All of this might be easy for a seasoned infosec/recon professional to do, but for rest, it is still near to magic. How cool it will be to ask a simple question like “Find me an open Memcached server in Singapore with UDP support?” or “How many IP cameras in Singapore are using default credentials?” in a chat and get the answer?

The integration of GPT-3, deep learning-based language models to produce human-like text, with well-known recon tools like Shodan, is the foundation of ReconPal. ReconPal also supports using voice commands to execute popular exploits and perform reconnaissance.

Built With

OpenAI GPT-3
Shodan API
Speech-to-Text
Telegram Bot
Docker Containers
Python 3

Getting Started

To get ReconPal up and running, follow these simple steps.

Prerequisites

Telegram Bot Token Use BotFather and create a new telegram bot. Refer to the documentation at https://core.telegram.org/bots
Shodan API:
Create a shodan Account and create a new API Key from https://account.shodan.io/
Google Speech-to-Text API:
Enable Speech-to-Text in GCP and get the credentials. Refer to these steps from the documentation https://cloud.google.com/speech-to-text/docs/before-you-begin
OpenAI API Key:
Create a free openAI account to try out the API. https://beta.openai.com/account/api-keys
Docker

sudo apt-get updates
sudo apt-get install docker.io
sudo curl -L “https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)” -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

Installation

Clone the repo

git clone https://github.com/pentesteracademy/reconpal.git

Enter your OPENAI, SHODAN API keys, and TELEGRAM bot token in docker-compose.yml

OPENAI_API_KEY=
SHODAN_API_KEY=
TELEGRAM_BOT_TOKEN=

Start reconpal

docker-compose up

Usage

Open the telegram app and select the created bot to use ReconPal.

Click on start or just type in the input box.

/start

Register the model

/register

Test the tool with some commands.

scan 10.0.0.8

Related

LazyBox

July 6, 2023

In "Kali Linux"

InfoSec Black Friday Deals – “Friday Hack Fest” 2023 Edition

November 27, 2023

In "Cyber security"

Registry-Recon : Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon

January 12, 2022

In "Kali Linux"

R K

Next Rekono : Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically »

Previous « Top IP Management Softwares in 2022

Leave a Comment

Share

Published by

R K

Tags: InfosecNLPReconPal

4 years ago

Recent Posts

Database Assessment

How to Fix MyISAM Table Corruption in MySQL?

In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…

19 hours ago

Vulnerability Analysis

Microsoft Authenticator Flaw Could Leak Login Codes

A newly disclosed vulnerability in Microsoft Authenticator could expose one time sign in codes or…

1 day ago

software

Modrinth – A Comprehensive Overview of Tools and Functions

Modrinth is a modern platform that’s rapidly changing the landscape of Minecraft modding, providing an…

2 days ago

News

BlackSanta Malware A Stealthy Threat Targeting Recruiters and HR Teams

A new, highly sophisticated malware campaign named BlackSanta has emerged, primarily targeting HR and recruitment…

2 days ago

TECH

Perplexity Launches Personal Computer Features

Perplexity has unveiled an exciting new feature, Personal Computer, which allows AI agents to seamlessly…

2 days ago

Cyber security

Cyberattack or Smoke and Mirrors? The Truth Behind the Alleged Dimona Nuclear Breach

In a recent cyber incident, a group named CARDINAL, associated with the label Russian Legion,…

3 days ago

L