
Recon Practical

Recon-ng is a Python-based framework for open source web reconnaissance with modules, databases, and functions like Metasploit but designed exclusively for reconnaissance. It allows adding domains and modules to gather information like contacts, credentials, social media, DNS records, subdomains and generates an HTML report. Commands like 'recon-ng', 'workspaces add', 'add domains', 'show modules', 'use module_name', 'set parameters', and 'run' are used to perform reconnaissance tasks in Recon-ng.

Information Gathering Using Recon-ng Tool

Recon-ng is a full-featured Web Reconnaissance framework
written in Python. Complete with independent modules,
database interaction, built-in convenience functions, interactive
help, and command completion, Recon-ng provides a powerful
environment in which open source web-based reconnaissance
can be conducted quickly and thoroughly. Recon-ng has a look
and feel similar to the Metasploit Framework, reducing the
learning curve for leveraging the framework. However, it is
quite different. Recon-ng is not intended to compete with
existing frameworks, as it is designed exclusively for web-based
open source reconnaissance. If you want to exploit, use the
Metasploit Framework. If you want to Social Engineer, use the
Social Engineer Toolkit. If you want to conduct reconnaissance,
use Recon-ng.

To start Recon-ng in Kali Linux, type the following in the terminal:

Command: recon-ng

To add a workspace, type:

Command: workspaces add pen_test


To add the domains about which you want to gather information,
type:

Command: add domains comptia.org (here we are taking
the example of the CompTIA website)

To check whether the domain was added successfully, type:

Command: show domains

Now, to check the modules available, type:

Command: show modules

A module is a specific task that Recon-ng will execute based on
the parameters you provide it. The Recon category has the most
modules so far.

Search the domain for contact information

Command: use recon/domains-contacts/whois_pocs

show options (it will show the source option)

run (contacts and email addresses will be displayed)


Search an account for evidence of compromise

Command: use recon/contacts-credentials/hibp_breach

This module searches the Have I Been Pwned (HIBP) database to
see if a particular email account is known to have been affected
by any major breaches in the last few years.

set source email address (enter the email address you found in
the previous step to check whether it was compromised in the last
few years or not)

Identify the organization’s social media presence

Command: use recon/profiles-profiles/profiler

set source comptia (here the source is the domain name
without the top-level domain suffix)

run

In the same way, you can use different modules to gather
other information about the organization, such as the following.

Identify the organization's mail-based DNS records

Command: use recon/domains-hosts/mx_spf_ip

run

Search subdomains

Command: use recon/domains-hosts/brute_hosts

run

Finally, to generate a report of your findings, type:

Command: use reporting/html

show options

set creator (your name)

set customer (client's name)

set filename /root/desktop/recon_report.html

run
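
For the mail-based DNS records step above, an organization can review what its own published SPF record discloses and whether its policy is weak. The following is an added example, not part of the original document or of Recon-ng; the function name audit_spf and the sample records are constructed for illustration.

```python
import ipaddress
import re

# Terms that each cost one DNS query in SPF evaluation (RFC 7208 caps the total at 10).
LOOKUP_TERMS = {"include", "a", "mx", "exists", "ptr", "redirect"}

def audit_spf(txt):
    """Parse one SPF TXT record; return what it publishes and where it is weak."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    report = {"netblocks": [], "includes": [], "lookups": 0, "all": None, "findings": []}
    redirect = False
    for term in terms[1:]:
        m = re.fullmatch(r"([+\-~?]?)([A-Za-z0-9]+)[:=]?(.*)", term)
        if not m:
            report["findings"].append(f"unparseable term {term!r}")
            continue
        qualifier, name, value = m.group(1) or "+", m.group(2).lower(), m.group(3)
        if name in LOOKUP_TERMS:
            report["lookups"] += 1  # this record only; nested includes add more
        if name in ("ip4", "ip6"):
            try:
                report["netblocks"].append(str(ipaddress.ip_network(value, strict=False)))
            except ValueError:
                report["findings"].append(f"malformed address in {term!r}")
        elif name == "include":
            report["includes"].append(value)
        elif name == "redirect":
            redirect = True
        elif name == "all":
            report["all"] = qualifier + "all"
    if report["all"] in ("+all", "?all"):
        report["findings"].append(f"{report['all']} does not reject unlisted senders")
    elif report["all"] is None and not redirect:
        report["findings"].append("no 'all' term or redirect: unlisted senders get neutral")
    if report["lookups"] > 10:
        report["findings"].append("more than 10 DNS-lookup terms: evaluation ends in permerror")
    return report

# Constructed sample records (documentation address ranges and example domains).
SAMPLES = {
    "strict": "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 include:_spf.example.net mx -all",
    "open": "v=spf1 ip4:198.51.100.17 a +all",
}

if __name__ == "__main__":
    for label, record in SAMPLES.items():
        print(label, audit_spf(record))
```

The netblocks and includes lists show which addresses and third-party mail providers the record makes public; the findings list flags policies that leave spoofed mail unrejected.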
