ReconPi : A Lightweight Recon Tool That Performs Extensive Scanning

ReconPi is a lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.

Installation

Check the updated blogpost here for a complete guide on how to set up your own ReconPi: ReconPi Guide

If you prepared your Raspberry Pi through the guide linked above you should be able to continue below.

Tool v2.0 needs the HypriotOS (V1.10.0) image to work 100%!

Easy Installation

Connect to your ReconPi with SSH:

ssh pirate@192.168.2.16 [Change IP to ReconPi IP]

Curl the install.sh script and run it:

curl -L https://raw.githubusercontent.com/x1mdev/ReconPi/master/install.sh | bash

Manual Installation

Connect to your ReconPi with SSH:

$ ssh pirate@192.168.2.16 [Change IP to ReconPi IP]

Now we can set up everything, it’s quite simple:

  • git clone https://github.com/x1mdev/ReconPi.git
  • cd ReconPi
  • ./install.sh
  • The script gives a reboot command at the end of install.sh, please login again to start using the ReconPi.

Grab a cup of coffee since this will take a while.

Also Read – APK-MITM : Android APK Files for HTTPS Inspection

Usage

After installing all of the dependencies for the ReconPi you can finally start doing some recon!

$ recon

recon.sh will first gather resolvers for the given target, followed by subdomain enumeration and checking those assets for potential subdomain takeover. When this is done the IP addresses of the target are enumerated. Open ports will be discovered accompanied by a service scan provided by Nmap.

Finally the live targets will be screenshotted and evaluated to discover endpoints.

Results will be stored on the Recon Pi and can be viewed by running `python -m SimpleHTTPServer 1337″ in your results directory. Your results will be accessible from any system with a browser that exists in the same network.

Tools

Tools that are being used at this moment:

More tools will be added in the future, feel free to make a pull request!

R K

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

2 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago