A comprehensive OSINT toolkit for cybersecurity professionals, penetration testers, bug bounty hunters, and digital forensics investigators.
We've completely revamped the Shodan integration with powerful new features that make API key management effortless!
π§ Command Line API Management
# Set your Shodan API key instantly - no more interactive prompts!
python3 bloodrecon.py --shodan-api "your_api_key_here"π Streamlined Configuration
- New Location:
~/.config-vritrasecz/bloodrecon-shodan.json - Auto Directory Creation: Tool creates config directories automatically
- JSON-Only Storage: Simplified, reliable configuration management
π Smart API Key Handling
- Automatic Replacement: New API keys seamlessly replace existing ones
- Input Validation: Enhanced validation prevents empty or invalid keys
- Better Error Messages: Clear, actionable feedback for users
β‘ Improved User Experience
- One-Command Setup: Get Shodan running with a single command
- Non-Interactive Mode: Perfect for automation and scripting
- Cleaner Output: More intuitive and professional interface
# 1. Set your API key (one time setup)
python3 bloodrecon.py --shodan-api "your_shodan_api_key"
# 2. Start using Shodan immediately
python3 bloodrecon.py --shodan 8.8.8.8
python3 bloodrecon.py --shodan google.comπ‘ Pro Tip: Your API key is saved securely and will be used automatically for all future Shodan queries!
π What Changed:
- Moved from
~/.osint_shodan_configto organized~/.config-vritrasecz/directory - Removed dual config.py file management for simplified workflow
- Enhanced error handling and user feedback
- Added
--shodan-apicommand line argument
π Get Started: View complete changelog β’ API Configuration Guide
- π― Overview
- β¨ Key Features
- π οΈ Installation
- π Usage
- π§ Modules
- π API Key Configuration
- πΈ Screenshots
- π Folder Structure
- βοΈ Legal Disclaimer
- π¨βπ» Author
- π€ Contributing
- π License
BloodRecon is a state-of-the-art OSINT (Open Source Intelligence) framework that provides cybersecurity professionals with 34+ specialized modules for comprehensive reconnaissance and intelligence gathering. Built with Python 3.x, it offers both interactive menu-driven and command-line interfaces for maximum flexibility.
π 34 Specialized OSINT Modules
π Network & Infrastructure Analysis (IP, DNS, WHOIS, SSL, Ports)
π Web Application Security Testing (Headers, Robots, Directories)
π₯ Social Media & Personal Intelligence (GitHub, Social Platforms)
π Document & Metadata Analysis (EXIF, Document Properties)
π Advanced Search Capabilities (Google Dorking, Wayback Machine)
π Communication Intelligence (Email, Phone Number Analysis)
π‘οΈ Threat Intelligence Integration (Shodan)
πΎ Data Breach & Leak Detection
π¨ Interactive CLI Interface with Target Input Examples
π Colored Terminal Output for Enhanced Readability
# Clone the repository
git clone https://github.com/VritraSecz/BloodRecon.git
# Navigate to the project directory
cd BloodRecon
# Install Python dependencies
pip install -r requirements.txt
# Make the script executable
chmod +x bloodrecon.py
# Run the tool
python bloodrecon.py --interactive# Update packages and install dependencies
pkg update && pkg upgrade
pkg install git python
# Clone the repository
git clone https://github.com/VritraSecz/BloodRecon.git
# Navigate to the project directory
cd BloodRecon
# Install Python dependencies
pip install -r requirements.txt
# Run the tool
python bloodrecon.py --interactiveBloodRecon requires the following Python packages:
colorama==0.4.6
dnspython==2.7.0
mmh3==5.1.0
phonenumbers==9.0.10
Pillow==11.3.0
requests==2.32.4
shodan==1.31.0
urllib3==2.5.0
whois==1.20240129.2
Launch BloodRecon in interactive mode for a user-friendly menu experience:
python bloodrecon.py --interactiveBloodRecon supports extensive command-line options for automation and scripting:
# IP Address Analysis
python bloodrecon.py --ip 8.8.8.8
# Domain WHOIS Lookup
python bloodrecon.py --whois example.com
# DNS Records Analysis
python bloodrecon.py --dns google.com
# HTTP Headers Analysis
python bloodrecon.py --headers https://example.com
# Social Media Username Check
python bloodrecon.py --social username123
# Email Validation
python bloodrecon.py --email test@example.com
# Phone Number Intelligence
python bloodrecon.py --phone +1234567890
# Shodan Intelligence Lookup
python bloodrecon.py --shodan 8.8.8.8# Google Dorking
python bloodrecon.py --dork "site:example.com filetype:pdf"
# Subdomain Discovery
python bloodrecon.py --subdomains example.com
# SSL Certificate Analysis
python bloodrecon.py --ssl example.com:443
# Directory Bruteforcing
python bloodrecon.py --dir-brute https://example.com
# JavaScript Endpoint Scanner
python bloodrecon.py --js-endpoints https://example.com
# IP Range Scanner
python bloodrecon.py --ip-scan 192.168.1.0/24
# Wayback Machine Search
python bloodrecon.py --wayback example.com
# GitHub Intelligence
python bloodrecon.py --github octocat# Display detailed tool information
python bloodrecon.py --about
# Show developer contact information
python bloodrecon.py --connect
# Show version
python bloodrecon.py --version
# Display help
python bloodrecon.py --helpBloodRecon features 34+ specialized OSINT modules organized into categories:
| Module | Description | Usage Example |
|---|---|---|
| π IP Lookup | Comprehensive IP address intelligence including geolocation, ISP, ASN | --ip 8.8.8.8 |
| π WHOIS Lookup | Domain registration information and ownership details | --whois example.com |
| π DNS Lookup | DNS records analysis (A, AAAA, MX, TXT, NS) | --dns google.com |
| π Reverse DNS | Reverse DNS lookup for IP addresses | --reverse 8.8.8.8 |
| π Port Scanner | Network port scanning and service detection | --ports 192.168.1.1 |
| π SSL Scanner | SSL/TLS certificate analysis and security assessment | --ssl example.com:443 |
| π IP Range Scanner | Scan IP ranges for active hosts | --ip-scan 192.168.1.0/24 |
| π’ ASN Resolver | Resolve ASN numbers to IP ranges | --asn AS15169 |
| π ISP Tracker | Track IP addresses to ISP information | --isp 8.8.8.8 |
| Module | Description | Usage Example |
|---|---|---|
| π HTTP Headers | HTTP security headers analysis | --headers https://example.com |
| π€ Robots Scanner | Robots.txt file analysis and discovery | --robots https://example.com |
| π Directory Bruteforce | Web directory and file discovery | --dir-brute https://example.com |
| πΊοΈ Sitemap Parser | XML sitemap parsing and analysis | --sitemap https://example.com |
| β‘ JS Endpoint Scanner | JavaScript file analysis for API endpoints | --js-endpoints https://example.com |
| π¨ Favicon Hash | Generate favicon hashes for fingerprinting | --favicon https://example.com |
| π§ Tech Fingerprint | Web technology stack identification | --tech https://example.com |
| π URL Analyzer | URL threat analysis and reputation check | --url https://suspicious-site.com |
| π User-Agent Detector | User-Agent string analysis and detection | --useragent "Mozilla/5.0..." |
| Module | Description | Usage Example |
|---|---|---|
| π₯ Social Checker | Username availability across social platforms | --social johndoe |
| π GitHub Intel | GitHub user and repository intelligence | --github octocat |
| π± Phone Intel | Phone number intelligence and carrier info | --phone +1234567890 |
| π§ Email Validator | Email address validation and domain analysis | --email test@example.com |
| ποΈ Temp Email Checker | Temporary/disposable email detection | --temp-email test@tempmail.com |
| Module | Description | Usage Example |
|---|---|---|
| π· EXIF Extractor | Image metadata and EXIF data extraction | --exif image.jpg |
| π Doc Metadata | Document metadata extraction (PDF, DOCX, etc.) | --metadata document.pdf |
| Module | Description | Usage Example |
|---|---|---|
| π Google Dorking | Advanced Google search queries | --dork "site:example.com filetype:pdf" |
| π Subdomain Finder | Subdomain discovery and enumeration | --subdomains example.com |
| β° Wayback Machine | Historical website data from Internet Archive | --wayback example.com |
| π·οΈ Common Crawl | Search Common Crawl web archive data | --common-crawl example.com |
| π Pastebin Search | Search Pastebin for data dumps and leaks | --pastebin searchterm |
| πΎ Leak Search | Data breach and leak detection | --leak email@example.com |
| π Google Drive Leaks | Search for leaked Google Drive files | --gdrive folderID |
| πΊοΈ Maps Parser | Parse and analyze Google Maps links | --maps "https://maps.google.com/..." |
| Module | Description | Usage Example |
|---|---|---|
| π‘οΈ Shodan Lookup | Shodan API integration for host intelligence | --shodan 8.8.8.8 |
Some modules require API keys for enhanced functionality. BloodRecon now offers multiple convenient ways to configure your API keys:
- Get your free API key at Shodan.io
- Set it instantly with one command:
# Set your Shodan API key (replaces any existing key)
python3 bloodrecon.py --shodan-api "your_shodan_api_key_here"- Start using Shodan immediately:
# Your API key is now saved and ready to use!
python3 bloodrecon.py --shodan 8.8.8.8
python3 bloodrecon.py --shodan google.com- Storage Location:
~/.config-vritrasecz/bloodrecon-shodan.json - Auto Directory Creation: Config directories are created automatically
- Key Replacement: New keys seamlessly replace existing ones
- Persistent Storage: API key is saved for all future sessions
Environment Variable:
export SHODAN_API_KEY="your_api_key_here"
python3 bloodrecon.py --shodan 8.8.8.8Legacy config.py (still supported):
# modules/config.py
SHODAN_API_KEY = 'your_shodan_api_key_here'Interactive Mode:
- The tool will prompt for the key if not configured
- Entered keys are automatically saved for future use
π Security Best Practices:
- β
Use the
--shodan-apicommand for secure local storage - β Use environment variables for server deployments
- β Never commit API keys to version control
- β Avoid hardcoding keys in scripts
π‘ Pro Tip: The new JSON config system in v1.2.0 provides the most reliable and user-friendly API key management!
BloodRecon/
β
βββ π bloodrecon.py # Main application file
βββ π requirements.txt # Python dependencies
βββ π LICENSE # License File
βββ π README.md # This file
βββ π CHANGELOG.md # Version history and changes
β
βββ π modules/ # OSINT modules directory
βββ π list-imp/ # Important list
β βββ π common.txt # Password list for Dir Bruteforce
β βββ π temp-domains.txt # Temp mail domain list
β
βββ π __init__.py # Module initialization
βββ π colors.py # Color management and styling
βββ π config.py # Configuration file (API keys)
β
βββ π Network & Infrastructure
βββ π ip_lookup.py # IP address intelligence
βββ π whois_lookup.py # WHOIS domain lookup
βββ π dns_lookup.py # DNS records analysis
βββ π reverse_dns.py # Reverse DNS lookup
βββ π port_scanner.py # Port scanning functionality
βββ π ssl_scanner.py # SSL certificate analysis
βββ π ip_range_scanner.py # IP range scanning
βββ π asn_resolver.py # ASN to IP range resolution
βββ π isp_tracker.py # ISP tracking
β
βββ π Web Application Security
βββ π http_headers.py # HTTP headers analysis
βββ π robots_scanner.py # Robots.txt scanner
βββ π directory_bruteforce.py # Directory bruteforcing
βββ π sitemap_parser.py # Sitemap analysis
βββ π js_endpoint_scanner.py # JavaScript endpoint discovery
βββ π favicon_hash.py # Favicon hash generation
βββ π tech_fingerprint.py # Technology fingerprinting
βββ π url_analyzer.py # URL threat analysis
βββ π useragent_detector.py # User-Agent analysis
β
βββ π₯ Social & Personal Intel
βββ π social_checker.py # Social media username check
βββ π github_intel.py # GitHub intelligence
βββ π phone_intel.py # Phone number analysis
βββ π email_validator.py # Email validation
βββ π temp_email_checker.py # Temporary email detection
β
βββ π Document & Metadata Analysis
βββ π exif_extractor.py # EXIF metadata extraction
βββ π doc_metadata.py # Document metadata analysis
β
βββ π Search & Discovery
βββ π google_dorking.py # Google dorking
βββ π subdomain_finder.py # Subdomain discovery
βββ π wayback_machine.py # Wayback Machine search
βββ π common_crawl.py # Common Crawl search
βββ π pastebin_search.py # Pastebin searching
βββ π leak_search.py # Data breach search
βββ π google_drive_leaks.py # Google Drive leak search
βββ π maps_parser.py # Google Maps link parser
βββ π shodan_lookup.py # Shodan API integration
- Educational purposes and learning OSINT techniques
- Authorized penetration testing and security assessments
- Bug bounty programs with proper scope authorization
- Digital forensics investigations by authorized personnel
- Security research within legal boundaries
- Unauthorized surveillance or stalking
- Illegal data collection or privacy violations
- Malicious reconnaissance or attack preparation
- Any activity violating local, state, or federal laws
Users are solely responsible for ensuring compliance with applicable laws and regulations in their jurisdiction.
Contributions are welcome! Here's how you can help:
- π΄ Fork the repository
- πΏ Create a feature branch (
git checkout -b feature/AmazingFeature) - πΎ Commit your changes (
git commit -m 'Add some AmazingFeature') - π€ Push to the branch (
git push origin feature/AmazingFeature) - π Open a Pull Request
- π Report bugs and issues
- π‘ Suggest new features or modules
- π Improve documentation
- π§ Add new OSINT modules
- π§ͺ Write tests
- π Translate to other languages
β If you found BloodRecon useful, please consider giving it a star!
Made with β€οΈ by Alex Butler