Skip to content

THEXRECON is a Recon Tool that use multi-tools to found subdomains

License

Notifications You must be signed in to change notification settings

thexnumb/thexrecon

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

THEXRECON Subdomain Enumeration Tool

A high-performance Go tool for automating subdomain enumeration across multiple domains using various techniques and sources by Thexnumb.

Features

  • Multiple Data Sources: Collects subdomains from various sources including:

    • AbuseIPDB WHOIS information
    • Subdomain.center API
    • Subfinder
    • Chaos
    • Certificate Transparency logs (crt.sh)
    • GetAllUrls (gau)
    • Wayback Machine
    • Assetfinder
    • Amass
  • Concurrent Processing: Uses Go routines for parallel execution of all modules

  • Flexible Input Options: Process a single domain or a list of domains from a file

  • Flexible Output Options: Output to stdout or save to a file

  • Deduplication: Ensures unique subdomains in the output

  • Filtering: Removes invalid and wildcard subdomains

Prerequisites

Before installing THEXRECON, make sure you have the following prerequisites:

1. Go Installation

You need Go 1.18 or higher installed. If you don't have Go installed:

  • Linux/Mac:

    # Download and install Go
    wget https://go.dev/dl/go1.20.4.linux-amd64.tar.gz
    sudo tar -C /usr/local -xzf go1.20.4.linux-amd64.tar.gz
    
    # Add Go to your PATH
    echo 'export PATH=$PATH:/usr/local/go/bin:$HOME/go/bin' >> ~/.profile
    source ~/.profile
  • Windows: Download and install from https://go.dev/dl/

Additional requirements:

  • curl command-line tool (usually pre-installed on most systems)

2. Note about Chaos-client tool

Consider that you should put the API-Key of the CHAOS to the ~/.configs/chaos/config.yaml

Installation

Option 1: Install directly with Go

go install github.com/thexnumb/thexrecon@latest

This will download, compile, and install the tool to your $GOPATH/bin directory, which should be in your PATH.

Option 2: Clone and build manually

  1. Clone the repository:

    git clone https://github.com/thexnumb/thexrecon.git
    cd thexrecon
  2. Build the tool:

    go build -o thexrecon
  3. (Optional) Install to your GOPATH:

    go install

Configuration

The tool requires an AbuseIPDB session cookie for one of its modules. You have two ways to configure this:

  1. Config file (recommended):

    • Create a file named .thexrecon.yaml in your home directory or in the current directory
    • Use the following format:
      abuseipdb_session: "YOUR-SESSION-COOKIE-HERE"
    • An example config file is provided as /example/.thexrecon.yaml.example
  2. Source code (for manual installation):

    • Open main.go and update the defaultConfig variable

To get your AbuseIPDB session cookie:

  1. Log in to https://www.abuseipdb.com/
  2. Open developer tools (F12)
  3. Go to the Application tab
  4. Look for the abuseipdb_session cookie and copy its value

Usage

If you installed with go install, you can run the tool directly:

thexrecon -u example.com

If you built it manually, run it with:

./thexrecon -u example.com

Command Line Options

Option Description
-u domain.com Process a single domain
-l domains.txt Process multiple domains from a file
-o results.txt Save output to a file (otherwise outputs to stdout)
-c Check dependencies and exit
-v Show version information
-h Show help information

Examples

Process a single domain:

thexrecon -u example.com

Process multiple domains from a file:

thexrecon -l domains.txt

Save output to a file:

thexrecon -u example.com -o results.txt

Check dependencies:

thexrecon -c

Input File Format

If using the -l option, create a text file with one domain per line:

example.com
example.org
other_example.net

Comments can be added by prefixing the line with #.

Performance

This tool is optimized for performance by:

  • Using Go's concurrency model with goroutines
  • Processing multiple sources in parallel
  • Efficiently handling and filtering results

Customization

You can easily extend the tool by adding new modules in the main.go file.

Notes

  • Some functions (like CrtSh) require network access to external services
  • The script includes error handling to prevent failures if a particular source is unavailable
  • Respect rate limits of the services you're querying to avoid IP blocks

License

This project is licensed under the MIT License - see the LICENSE file for details.

🌐 Let's Connect

Discord Twitter Telegram Instagram Infosec.exchange LinkedIn Medium Blogger YouTube Reddit

About

THEXRECON is a Recon Tool that use multi-tools to found subdomains

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages