r3con is a Multifunctional Web Recon & Vulnerability Scanner Tool and incredibly fast crawler that can find multiple vulnerabilitys and gather information.
- Reflected XSS
- Multi-threaded crawling
- Open-redirection
- Subdomain Takeover
- SQL Injection
- HTML INjection
- SSRF
- CSRF
- CORS
- Find vulnerable JS library
- Information disclosure
- Web IP Address
- Server IP Address
- Cname Recods
- DNS lookup
- SPF lookup
- Hidden IP
- API Endpoints
- JS endpoints
- XSS Endpoints
- directory Search
- Subdomain Enumeration
https://github.com/thenurhabib/r3con
cd r3con
chmod +x install.sh r3con.sh
./install.sh./r3con -h
./r3con -d example.com -a [Full Scan]
./r3con -d example.com -p [Passive reconnaissance]
./r3con -d example.com -a [Active reconnaissance]
./r3con -d example.com -m [Massive recon]
./r3con -d example.com -r [Active and passive reconnaissance]
./r3con -d example.com -v [Check Vulnerabilities only]
Ways to contribute
- Suggest a feature
- Report a bug
- Fix something and open a pull request
- Help me document the code
- Spread the word
Licensed under the GNU GPLv3, see LICENSE for more information.