m0rd3caii / rec0n Public

Notifications You must be signed in to change notification settings
Fork 7
Star 44

A fully automated subdomain reconnaissance and sensitive data discovery toolkit.

44 stars 7 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
README.md		README.md
poc.gif		poc.gif
rec0n.py		rec0n.py
requirements.txt		requirements.txt

Repository files navigation

rec0n — Automated Subdomain & Sensitive Data Recon Tool ⚡

⚡ A fully automated subdomain reconnaissance and sensitive data discovery toolkit.

🛠 Features

🔎 Subdomain enumeration (subfinder, crt.sh)
🌐 Live host detection with httpx
🔥 Vulnerability scanning (CORS) using nuclei
🧾 Historical data collection from archive.org
🕵️‍♂️ Sensitive file discovery (.sql, .xml, .zip, etc.)
🚨 Live sensitive file validation
🎨 Clean, colored CLI output for easy reading
📁 Organized output directory per scan

📦 Requirements

Install the following tools before using rec0n:

subfinder
httpx
nuclei
anew
uro
jq
Python 3.7+
Install required Python modules:

pip3 install -r requirements.txt

❤️ Credits Inspired by tools from:

ProjectDiscovery
TomNomNom
s0md3v
The Bug Bounty community

About

A fully automated subdomain reconnaissance and sensitive data discovery toolkit.

bugbounty hacking-tool bugbounty-tool webpentesting

Report repository

Releases

No releases published

Packages

No packages published

Languages

Python 100.0%