Reconftw is an open source program written in golang that helps us gather important information about our goals.
Character
- Tools checker
- Google Dorks (based on deggogle_hunter)
- Subdomain enumeration (passive, resolution, bruteforce and permutations)
- Sub TKO (subjack and nuclei)
- Web Prober (httpx)
- Web screenshot (aquatone)
- Template scanner (nuclei)
- Port Scanner (new)
- Url extraction (waybackurls, gau, hakrawler, github-endpoints)
- Pattern Search (gf and gf-patterns)
- Param discovery (paramspider and arjun)
- XSS (Gxss and dalfox)
- Open redirect (Openredirex)
- SSRF checks (from m4ll0k / Bug-Bounty-Toolz / SSRF.py)
- Github Check (git-hound)
- Favicon Real IP (fav-up)
- JS Checks (LinkFinder, SecretFinder, scripts from JSFScan)
- Fuzzing (ffuf)
- Cors (Corsy)
- SSL Check (testssl)
- Interlace integration
- Custom output folder (default under Recon / target.com /)
- Run standalone steps (subdomains, subtko, web, gdorks…)
- Polished installer compatible with most distros
- Verbose mode
- Update tools script
Installation and Use
git clone https://github.com/six2dez/reconftw | |
<span class="pl-c1">cd</chip> reconftw | |
chmod +x <span class="pl-k">*</chip>.sh | |
./install.sh | |
./reconftw.sh -d target.com -a |
Mindmap / Workflow
Examples
Full scan:
./reconftw.sh -d target.com -a |
Subdomains scan:
./reconftw.sh -d target.com -s |
Web scan:
./reconftw.sh -d target.com -l targets.txt -w |
Dorks:
./reconftw.sh -d target.com -g |
You can download the program from here.
Read them Technology News from all over the world, with the validity of iGuRu.gr
Follow us on Google News
CDK: Penetration Toolkit for Containers
»
Comment Policy:
IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators