ReconPi : A Lightweight Recon Tool That Performs Extensive Scanning

ReconPi is a lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.

Installation

Check the updated blogpost here for a complete guide on how to set up your own ReconPi: ReconPi Guide

If you prepared your Raspberry Pi through the guide linked above you should be able to continue below.

Tool v2.0 needs the HypriotOS (V1.10.0) image to work 100%!

Easy Installation

Connect to your ReconPi with SSH:

ssh pirate@192.168.2.16 [Change IP to ReconPi IP]

Curl the install.sh script and run it:

curl -L https://raw.githubusercontent.com/x1mdev/ReconPi/master/install.sh | bash

Manual Installation

Connect to your ReconPi with SSH:

$ ssh pirate@192.168.2.16 [Change IP to ReconPi IP]

Now we can set up everything, it’s quite simple:

  • git clone https://github.com/x1mdev/ReconPi.git
  • cd ReconPi
  • ./install.sh
  • The script gives a reboot command at the end of install.sh, please login again to start using the ReconPi.

Grab a cup of coffee since this will take a while.

Also Read – APK-MITM : Android APK Files for HTTPS Inspection

Usage

After installing all of the dependencies for the ReconPi you can finally start doing some recon!

$ recon

recon.sh will first gather resolvers for the given target, followed by subdomain enumeration and checking those assets for potential subdomain takeover. When this is done the IP addresses of the target are enumerated. Open ports will be discovered accompanied by a service scan provided by Nmap.

Finally the live targets will be screenshotted and evaluated to discover endpoints.

Results will be stored on the Recon Pi and can be viewed by running `python -m SimpleHTTPServer 1337″ in your results directory. Your results will be accessible from any system with a browser that exists in the same network.

Tools

Tools that are being used at this moment:

More tools will be added in the future, feel free to make a pull request!

R K

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

17 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

17 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

3 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

4 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago