Kali Linux

Rekono : Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically

Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in Defect-Dojo if an advanced vulnerability management is needed. Moreover, Rekono includes a Telegram bot that can be used to perform executions easily from anywhere and using any device.

Features

  • Combine hacking tools to create pentesting processes
  • Execute pentesting processes
  • Execute pentesting tools
  • Review findings and receive them via email or Telegram notifications
  • Use Defect-Dojo integration to import the findings detected by Rekono
  • Execute tools and processes from Telegram Bot
  • Wordlists management

Why Rekono?

Do you ever think about the steps that you follow when start a pentesting? Probably you start performing some OSINT tasks to gather public information about the target. Then, maybe you run hosts discovery and ports enumeration tools. When you know what the target exposes, you can execute more specific tools for each service, to get more information and maybe, some vulnerabilities. And finally, if you find the needed information, you will look for a public exploit to get you into the target machine. I know, I know, this is an utopic scenario, and in the most cases the vulnerabilities are found due to the pentester skills and not by scanning tools. But before using your skills, how many time do you spend trying to get as information as possible with hacking tools? Probably, too much.

Why not automate this process and focus on find vulnerabilities using your skills and the information that Rekono sends you?

Supported tools

  • theHarvester
  • EmailHarvester
  • EmailFinder
  • Nmap
  • Sslscan
  • SSLyze
  • SSH Audit
  • SMBMap
  • Dirsearch
  • GitLeaks & GitDumper
  • Log4j Scanner
  • CMSeeK
  • OWASP JoomScan
  • OWASP ZAP
  • Nikto
  • SearchSploit
  • Metasploit

Thanks to all the contributors of these amazing tools!

Installation

Docker

Execute the following commands in the root directory of the project:

docker-compose build
docker-compose up -d

If you need more than one tool running at the same time, you can set the number of executions-worker instances:

docker-compose up -d –scale executions-worker=5

Using Rekono CLI

If your system is Linux, you can use rekono-cli to install Rekono in your system

pip3 install rekono-cli
rekono install

Configuration

You can configure Rekono using two main methods: config.yaml file and environemnt variables. The properties will be obtained in the following priority:

  1. From environment variables
  2. From configuration file. You can use the config.yaml as template
  3. Default value

Rekono supports the following properties:

Environment VariableConfiguration PropertyDefault ValueDescription
REKONO_HOMEN/A/opt/rekono or where the source code livesPath to the Rekono home
RKN_FRONTEND_URLfrontend.urlhttp://127.0.0.1:3000URL used to include links to the Rekono frontend in the notifications
RKN_DB_NAMEdatabase.namerekonoDatabase name
RKN_DB_USERdatabase.userN/ADatabase user
RKN_DB_PASSWORDdatabase.passwordN/ADatabase password
RKN_DB_HOSTdatabase.host127.0.0.1Database host
RKN_DB_PORTdatabase.port5432Database port
RKN_RQ_HOSTrq.host127.0.0.1Redis Queue host
RKN_RQ_PORTrq.port6379Redis Queue port
RKN_EMAIL_HOSTemail.host127.0.0.1SMTP host
RKN_EMAIL_PORTemail.port587SMTP port
RKN_EMAIL_USERemail.userN/ASMTP user
RKN_EMAIL_PASSWORDemail.passwordN/ASMTP password
RKN_TELEGRAM_BOTtelegram.botRekonoTelegram Bot name to be included in the frontend
RKN_TELEGRAM_TOKENtelegram.tokenN/ATelegram Bot token. How to get one?
RKN_DD_URLdefect-dojo.urlhttp://127.0.0.1:8080Defect-Dojo URL
RKN_DD_API_KEYdefect-dojo.api-keyN/ADefect-Dojo API key
N/Adefect-dojo.verifyTrueIndicate if Defect-Dojo certificate should be verified
N/Adefect-dojo.tags[rekono]Tags included in the items created by Rekono in Defect-Dojo
N/Adefect-dojo.product-typeRekono ProjectProduct type naem related to products created by Rekono in Defect-Dojo
N/Adefect-dojo.test-typeRekono Findings ImportTest type name related to tests created by Rekono in Defect-Dojo
N/Adefect-dojo.testRekono TestTest name related to findings imported by Rekono in Defect-Dojo
RKN_OTP_EXPIRATION_HOURSsecurity.otp-expiration-hours24Expiration time in hours for One Time Passwords created by Rekono
RKN_UPLOAD_FILES_MAX_MBsecurity.upload-files-max-mb500MB limit for files uploaded to Rekono. For example, wordlists files
RKN_TRUSTED_PROXYN/AFalseIndicate if Rekono is running with a trusted reverse proxy
RKN_ALLOWED_HOSTSsecurity.allowed-hosts[localhost, 127.0.0.1, ::1]Hosts allowed to access Rekono
RKN_SECRET_KEYsecurity.secret-keyGenerated randomlySecurity key used to sign JWT tokens

To configure also the Rekono frontend based on the previous properties, you can run the following command:

This command will add this properties to the rekono/frontend/.env file:

  • VUE_APP_DEFECTDOJO: Enable or disable Defect-Dojo integration features in the frontend
  • VUE_APP_DEFECTDOJO_URL: Defect-Dojo URL
  • VUE_APP_TELEGRAM_BOT: Name of the Telegram Bot to be displayed in the UI

Of course, you can also configure this properties in the rekono/frontend/.env file directly

R K

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

2 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

2 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

4 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

7 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago