FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease.
Features
FinalRecon provides detailed information such as :
- Header Information
- Whois
- SSL Certificate Information
- Crawler
- DNS Enumeration
- A, AAAA, ANY, CNAME, MX, NS, SOA, TXT Records
- DMARC Records
- Subdomain Enumeration
- Data Sources
- BuffOver
- crt.sh
- ThreatCrowd
- AnubisDB
- ThreatMiner
- Data Sources
- Traceroute
- Protocols
- UDP
- TCP
- ICMP
- Protocols
- Directory Searching
- Port Scan
- Fast
- Top 1000 Ports
- Open Ports with Standard Services
- Export
- Formats
- txt
- xml
- csv
- Formats
Screenshots
Header Information
WHOIS
SSL Certificate Details
Found Flag in SSL Certificate - Securinets CTF Quals 2019 - Hidden (200 Points)
Crawler
DNS Enumeration
HackTheBox OSINT Challenge
Subdomain Enumeration
Traceroute
Directory Searching
Port Scan
Tested on
- Kali Linux 2019.1
- BlackArch Linux
Installation
git clone https://github.com/thewhiteh4t/FinalRecon.git
cd FinalRecon
pip3 install -r requirements.txt
Usage
python3 finalrecon.py -h
usage: finalrecon.py [-h] [--headers] [--sslinfo] [--whois] [--crawl] [--dns] [--sub] [--trace] [--dir] [--ps]
[--full] [-t T] [-T T] [-w W] [-r] [-s] [-d D] [-m M] [-p P] [-tt TT] [-o O]
url
FinalRecon - OSINT Tool for All-In-One Web Recon | v1.0.2
positional arguments:
url Target URL
optional arguments:
-h, --help show this help message and exit
--headers Header Information
--sslinfo SSL Certificate Information
--whois Whois Lookup
--crawl Crawl Target
--dns DNS Enumeration
--sub Sub-Domain Enumeration
--trace Traceroute
--dir Directory Search
--ps Fast Port Scan
--full Full Recon
Extra Options:
-t T Number of Threads [ Default : 50 ]
-T T Request Timeout [ Default : 10.0 ]
-w W Path t o Wordlist [ Default : wordlists/dirb_common.txt ]
-r Allow Redirect [ Default : False ]
-s Toggle SSL Verification [ Default : True ]
-d D Custom DNS Servers [ Default : 1.1.1.1 ]
-m M Traceroute Mode [ Default : UDP ] [ Available : TCP, ICMP ]
-p P Port for Traceroute [ Default : 80 / 33434 ]
-tt TT Traceroute Timeout [ Default : 1.0 ]
-o O Export Output [ Default : txt ] [ Available : xml, csv ]
# Check headers
python3 finalrecon.py --headers <url>
# Check ssl Certificate
python3 finalrecon.py --sslinfo <url>
# Check whois Information
python3 finalrecon.py --whois <url>
# Crawl Target
python3 finalrecon.py --crawl <url>
# full scan
python3 finalrecon.py --full <url>
Demo