Skip to content

403labs/recon-ng_modules

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
2 branches 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
COPYING
 
 
LICENSE
 
 
README.md
 
 
brute_force_threaded.py
 
 
ssl_san_direct.py
 
 
ssl_san Usage Required Python Modules Installation brute_force_threaded Usage Installation

README.md

#Recon-ng Modules

Recon-ng does not allow for the use of third-party python module dependencies and sometimes modules aren't a good fit for the framework. Modules that can't get accepted into the Recon-ng framework will be hosted in this repo.

ssl_san

This module will parse the SSL certificate for the provided URL and enumerate the subject alternative names.

Usage

recon-ng > use ssl_san_direct
recon-ng [ssl_san_direct] > show options

  Name    Current Value     Req  Description
  ------  -------------     ---  -----------
  DOMAIN  www.verisign.com  yes  The host to check for subject alternative names (SAN)
  PORT    443               yes  The port to grab the SSL cert.
recon-ng [ssl_san_direct] > set domain www.verisign.com
DOMAIN => www.verisign.com
recon-ng [ssl_san_direct] > run
[*] www.verisign.com
[*] verisign.com
[*] www.verisign.net
[*] verisign.net
[*] www.verisign.mobi
[*] verisign.mobi
[*] www.verisign.eu
[*] verisign.eu
[*] forms.ws.symantec.com
[*] sslreview.com
[*] www.sslreview.com

Required Python Modules

  • M2Crypto

Installation

  1. easy_install m2crypto
  2. Clone this repo
  3. mkdir -p ~/.recon-ng/modules/discovery/info_disclosure/http/
  4. cp recon-ng_modules/ssl_san_direct.py ~/.recon-ng/modules/discovery/info_disclosure/http/ or ln -s recon-ng_modules/ssl_san_direct.py ~/.recon-ng/modules/discovery/info_disclosure/http/

brute_force_threaded

This is a rewrite of the built-in DNS brute forcing module to add multi-threading support.

Usage

recon-ng > use brute_force_threaded
recon-ng [brute_force_threaded] > show options

  Name        Current Value         Req  Description
  ----------  -------------         ---  -----------
  ATTEMPTS    3                     yes  Number of retry attempts per host
  DOMAIN      example.com           yes  target domain
  NAMESERVER  8.8.8.8               yes  ip address of a valid nameserver
  THREADS     1                     yes  Number of threads
  WORDLIST    ./data/hostnames.txt  yes  path to hostname wordlist

recon-ng [brute_force_threaded] > set domain example.com
DOMAIN => example.com
recon-ng [brute_force_threaded] > set threads 10
THREADS => 10
recon-ng [brute_force_threaded] > run

Installation

  1. Clone this repo
  2. mkdir -p ~/.recon-ng/modules/recon/hosts/gather/dns/
  3. cp recon-ng_modules/brute_force_threaded.py ~/.recon-ng/modules/recon/hosts/gather/dns/ or ln -s recon-ng_modules/brute_force_threaded.py ~/.recon-ng/modules/recon/hosts/gather/dns/

About

Recon-ng modules that won't get accepted into the main distribution because of 3rd party dependencies.

Resources

Readme

License

Unknown, GPL-3.0 licenses found

Licenses found

Unknown
LICENSE
GPL-3.0
COPYING
Activity

Stars

17 stars

Watchers

9 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages