The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system.
It gathers the information recursively over each subdomain, and IP address for a sophisticated attack. RecoX automates several functions and saves a significant amount of time that requires throughout a manual penetration test.
For more detail please read this document.
Also Read – S3BucketList : Firefox Plugin That Lists Amazon S3 Buckets Found In Requests
Usage
git clone https://github.com/samhaxr/recox
chmod +x recox.sh
./recox.sh
Paste the below command to run the tool from anywhere in the terminal.
mv recox.sh /usr/local/bin/recox
The deep scanner comprises many check-ups including subdomain takeover, A record, passive scan, active scan, CORS misconfiguration, zone transfer test, and web content discovery.
Youtube Tutorial
A critical vulnerability, CVE-2025-29927, has been identified in Next.js, a React-based web framework by Vercel.…
pugDNS is an experimental, high-performance DNS query tool designed to facilitate fast and accurate bulk…
The ZeroDays CTF 2025, held on March 22nd at Croke Park in Dublin, Ireland, marks…
CloudPEASS is a suite of tools designed to help users identify potential privilege escalation paths…
The OSCE³ (Offensive Security Certified Expert 3) and OSEE (Offensive Security Exploitation Expert) certifications are…
Nyxian is a JavaScript-based low-level scripting language designed specifically for iOS. It provides a powerful…