Skip to content

v1.2.0: Recon Tools

Choose a tag to compare

@inflictx inflictx released this 01 Jul 14:44

🛰️ Recon Tools: a new offline recon crafters tab

A new Recon Tools module (#/recon) with three offline crafters that only ASSEMBLE what you run yourself (the app never touches the network):

  • Wayback CDX query builder: match types, extension filters and presets, plus copy-paste post-processing recipes (gau/waybackurls harvest, uro dedup, gf classification, id_ deleted-file recovery, PDF secret scan).
  • IDN homograph generator: 0-click account takeover via punycode email. Crafts domain-part and username-part look-alikes with the on-the-wire form and the full attack workflow, plus a defensive analyzer that decodes xn-- and flags confusable characters.
  • Dork builder: 20 Google dork categories + GitHub code-search + Shodan pivots, with a multi-engine Open and a custom builder.

Bilingual RU/EN, standard Copy buttons, wrapped in the shared lab container. Content researched and verified (CDX semantics against the wayback CDX source; confusable code points and xn-- examples against Python unicodedata/punycode; dork operators against each engine's current docs).

Also since v1.1.0

  • Localized the Copy / Copied confirmation (RU/EN).
  • Large deep-audit and content-correctness pass: ranker overhaul, ~60 payload / checklist / chain fixes, reverse-shell byte-encoding, DNS-rebinding guard, payload-shaped CVE additions.

All gates green: tsc, vitest 18/18, server and static builds. The live demo auto-redeploys to GitHub Pages.