Recon-NG (Part 1)



  • Hello! Today I’ll talk about a great framework like Recon-NG.

    Recon-NG is a full-featured web intelligence framework written in Python. Included are independent modules, interaction with the database, convenient built-in functions, interactive help and completion of commands. Recon-ng provides a powerful environment in which exploration based on open web sources can be carried out quickly and thoroughly. Information Gathering is needed for OSINT (Open Source INTellegence).

    Completely modular framework, which makes writing new modules easy even for novice Python developers.

    Each module is a subclass of the "module" class. The module class is a customized cmd interpreter with built-in functionality that provides simple interfaces for popular tasks such as standardized output, interacting with a database, creating web requests and managing API keys. Thus, all the hard work has already been done. Creating modules is easy and takes a little more than a few minutes.

    Carries out an automated search for usernames, profiles, devices, etc.

    • Open source.
    • Сli interface (Metasploit).
    • Uses modules.
    • It is written in Python.
    • Recon-ng is already embedded in Kali linux, Parrot OS, * Cyborg Hawk (All OSs where IB tools are installed)

    Installation:

    Install specific packages

    sudo apt install libxm12-dev libxslt1-dev python-dev
    

    Download

    git clone https: //[email protected]/LaNMaSteR53/recon-ng.git

    Go to the utility folder

    cd recon-ng

    Install pip

    pip install -r REQUIREMENTS

    We launch

    ./recon-ng
    9f889ad7-d94f-4e03-bcf7-9af205262231-image.png

    Above the splash screen, you get a red error screen, these are just warnings that the API keys for these services are not full. Many of the modules within the reconfiguration use web services, which require an API key for full access to the data.

    The reconfigured wiki has a quick mileage of keys where you can get them. This will save you time on each of the sites that are looking for an API registration page.

    For example, to get the key to use the google API, you need to register at the following link: https://console.developers.google.com/apis/dashboard

    You will need these APIs:

    YouTube Data API

    1. Custom Search API

    Recon-ng uses many sources of information. These are popular search engines, social networks and popular services like github.

    Among them, specialized search engines can be noted:
    Shodan - a search engine for Internet devices;
    censys.io - Search engine on devices and networks of the Internet.

    haveibeenpwned.com - account hacking information.

    http://mailtester.com

    Using:

    recon-ng [-h] [-v] [-w workspace] [-r filename] [--no-check]
    

    -h, --help show help message and exit

    -v, --version show program version and exit

    -w workspace load / create workspace

    -r filename load commands from source file

    --no-check disable version checking

    --no-analytics disable reporting analytics

    The text interface is similar to that of Metasploit and set (Social Enginering Toolkit). So here you can create workspaces (workspace), connect the modules, set their parameters and finally run. Information will be saved in the database. For each working environment, their own instances of tables are saved.

    We load the module with the command:

    use recon / contacts-contacts / mailtester

    or

    use mailtetser

    Teams:
    To create a workplace you need to enter:

    workspace add name
    View the main parameters (proxy, user agent, etc.):

    set
    Show all tables:

    show schema
    Show all modules:

    show modules
    Use module:

    use <modules name>

    As a rule, for the module to work, you need to set one or more initial variables (site address, user name, etc.). Their name and purpose depends on the purpose of the module. By default, most modules use data from tables. Almost every module has a SOURCE parameter (see example below). SOURCE = default if data from the table will be used. But you can take data, such as a list of email addresses from a file.

    set SOURCE full_file_name
    Or if you need to check only one value, then specify it directly:

    set SOURCE value
    After executing a module, the results of work are usually written in tables.

    Show the number of records in each table (this is also a separate table):

    show dashboard
    Show any table, for example profiles:

    show profiles
    Add an entry to the table:

    add table_name field1 ~ field2 ~ field3
    View information:

    show info
    That’s all.


Log in to reply
 


LIVE Chat
Login in your account to Start Chat