𓅃 FalconRecon

Reconnaissance Framework
𓅃 Flying low, scanning high 𓅃

Quick Start • Features • Modules • Installation • Usage • Contributing

---

Overview

FalconRecon is a powerful, lightweight Bash-based reconnaissance automation framework designed for penetration testers and security researchers. It chains together industry-standard tools into an elegant workflow with a distinctive Egyptian falcon theme.

╔══════════════════════════════════════════════════════════════════╗
║     𓅃  ███████╗ █████╗ ██╗      ██████╗  █████╗ ███╗   ██╗      ║
║        ██╔════╝██╔══██╗██║     ██╔════╝██╔══██╗████╗  ██║       ║
║        █████╗  ███████║██║     ██║     ██║  ██║██╔██╗ ██║       ║
║        ██╔══╝  ██╔══██║██║     ██║     ██║  ██║██║╚██╗██║       ║
║        ██║     ██║  ██║███████╗╚██████╗╚█████╔╝██║ ╚████║  𓅃   ║
║        ╚═╝     ╚═╝  ╚═╝╚══════╝ ╚═════╝ ╚════╝ ╚═╝  ╚═══╝       ║
║       𓆲  R E C O N N A I S S A N C E   F R A M E W O R K  𓆲    ║
╚══════════════════════════════════════════════════════════════════╝

---

Features

Feature	Description
𓅈 Subdomain Discovery	Enumerate subdomains using subfinder
🪽 Live Host Detection	Probe HTTP/HTTPS with httpx + tech detection
𓅇 Screenshot Capture	Visual recon with gowitness
👁️ Port Scanning	Top 1000 ports with nmap + service detection
𓅂 Directory Bruteforce	Find hidden paths with gobuster
𓅆 Technology Detection	Identify tech stacks automatically
� URL Crawling	Deep crawl with katana
📡 DNS Reconnaissance	Full DNS record enumeration + WHOIS
🔐 Vulnerability Scanning	Automated vuln detection with nuclei
𓅃 HTML Reports	Beautiful, shareable reports
𓆲 Config File Support	Customizable settings

---

Quick Start

# Clone the repository
git clone https://github.com/falcon0x1/FalconRecon.git
cd FalconRecon

# Make scripts executable
chmod +x FalconRecon.sh setup_tools.sh

# Install dependencies
./setup_tools.sh

# Run FalconRecon
./FalconRecon.sh

---

Installation

Prerequisites

• OS: Linux (Debian/Ubuntu/Kali/Arch) or macOS
• Bash: Version 4.0+
• Go: 1.19+ (for go-based tools)

Option 1: Git Clone (Recommended)

git clone https://github.com/falcon0x1/FalconRecon.git
cd FalconRecon
chmod +x *.sh
./setup_tools.sh

Option 2: One-Liner

curl -sL https://raw.githubusercontent.com/falcon0x1/FalconRecon/main/FalconRecon.sh -o FalconRecon.sh && \
curl -sL https://raw.githubusercontent.com/falcon0x1/FalconRecon/main/setup_tools.sh -o setup_tools.sh && \
chmod +x *.sh && ./setup_tools.sh

Required Tools

The setup_tools.sh script automatically installs:

Tool	Purpose
subfinder	Subdomain enumeration
httpx	HTTP probing & tech detection
gowitness	Screenshot capture
nmap	Port scanning
gobuster	Directory bruteforce
katana	Web crawling
nuclei	Vulnerability scanning
jq	JSON processing
dig	DNS queries
whois	WHOIS lookups

---

Usage

Interactive Mode

./FalconRecon.sh

You'll be prompted for a target domain, then presented with an interactive menu:

╔══════════════════════════════════════════════════════════════════╗
║  𓅃  F A L C O N   R E C O N                                      ║
╠══════════════════════════════════════════════════════════════════╣
║  𓆲 RECONNAISSANCE MODULES                                       ║
║   [1] 𓅃 Full Auto Scan      [6] 𓅂 Directory Brute            ║
║   [2] 𓅈 Subdomain Hunter     [7] 𓅆 Tech Detection             ║
║   [3] 🪽 Live Host Probe      [8] � URL Crawler                ║
║   [4] 𓅇 Screenshot Capture   [9] 🔐 Vuln Scan                  ║
║   [5] 👁️ Port Scanner         [10] 📡 DNS Recon                 ║
║  𓆲 UTILITIES                                                    ║
║  [11] 𓅃 Generate Report     [12] 𖤍 View Summary               ║
║  [13] 𓆲 Settings            [0] Exit                       ║
╚══════════════════════════════════════════════════════════════════╝

---

Output Structure

results/
└── target.com/
    ├── subdomains.txt      # Discovered subdomains
    ├── live.txt            # Live hosts
    ├── live_details.json   # Detailed host info
    ├── ports.txt           # Port scan results
    ├── ports.xml           # Nmap XML output
    ├── dns_recon.txt       # DNS records
    ├── tech_summary.txt    # Technology stack
    ├── vulnerabilities.txt # Found vulnerabilities
    ├── dirs_*.txt          # Directory listings
    ├── urls_*.txt          # Crawled URLs
    ├── report.html         # HTML report
    ├── falconrecon.log     # Session log
    └── screens/            # Screenshots

---

Configuration

Create a config file at ~/.falconrecon.conf:

# 𓅃 FalconRecon Configuration

# Thread count for parallel operations
THREADS=50

# Enable verbose logging
VERBOSE=false

# Log file path (empty = default)
LOG_FILE=""

# Custom wordlist path
CUSTOM_WORDLIST="/path/to/wordlist.txt"

Or use the in-app settings menu (option [13]).

---

Screenshots

Click to expand

Main Menu

Full Scan Progress

HTML Report

---

Contributing

Contributions are welcome! See CONTRIBUTING.md for guidelines.

1. Fork the repository
2. Create a feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'Add amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

---

License

This project is licensed under the MIT License - see the LICENSE file for details.

---

Acknowledgments

• ProjectDiscovery for subfinder, httpx, katana, nuclei
• Sensepost for gowitness
• OJ Reeves for gobuster
• The security community for inspiration

---

Contact

Mahmoud Elshorbagy

• GitHub: @falcon0x1

---

𓅃 FalconRecon v2.0
𓅃 Flying low, scanning high 𓅃