Changes

Page history
recaon-ng wiki authored by root's avatar root
Show whitespace changes
Inline Side-by-side
Tool-Guides/recon-ng.md 0 → 100644
View page @ 010218d1
# Recon-NG
## Description
Recon-ng is a useful tool written in python, that is set-up much like metasploit for reconnaissance of websites. It has many different modules to search for hosts, POC, email, geocode and many more.
### Kali - Install
```bash
apt install recon-ng
```
## Usage
#### Start the program
```bash
recon-ng
```
#### Create a new workspace
This is where the info on your targets will be stored.
```bash
[recon-ng][default] > workspaces add new-workspace
```
#### Various info commands
Use help from anywhere to get info about usage
```bash
[recon-ng][new-workspace] > help
```
For a list of all tables
```bash
[recon-ng][new-workspace] > show schema
```
For an individual table.
```bash
[recon-ng][new-workspace] > show domains
```
For all information that can be shown.
```bash
[recon-ng][new-workspace] > show
```
Shows a summary of all collected info and modules used.
```bash
[recon-ng][new-workspace] > show dashboard
```
#### Reconnaissance
Add a domain to recon.
```bash
[recon-ng][new-workspace] > add domains mst.edu
```
Add a company info to obtain more info.
```bash
[recon-ng][new-workspace] > add companies
company (TEXT): MST
description (TEXT): A university
```
Show modules available to use
```bash
[recon-ng][new-workspace] > show modules
```
or search directly.
```bash
[recon-ng][new-workspace] > search domains
```
Load module to use
```bash
[recon-ng][new-workspace] > use recon/domains-contacts/whois_pocs
```
To show options for module and where info will be stored.
```bash
[recon-ng][new-workspace][whois_pocs] > show info
```
To run the module with defaults.
```bash
[recon-ng][new-workspace][whois_pocs] > run
```
This module looks for POC for the website and sends info to table contacts.
```bash
[recon-ng][new-workspace][whois_pocs] > show contacts
```
## Wrap Up
This guide only uses 1 of the 81 different Recon modules. There are at the moment
95 different modules in 5 different categories that can be utilized. Check out
the references below for more advanced capabilities including api key usage to
include Bing, Google, Twitter and many more for more in depth reconnaissance.
## References
[Author's BitBucket Site](https://bitbucket.org/LaNMaSteR53/recon-ng/overview)
[Usage Guide](https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Usage%20Guide#!getting-started)
[Get the CheatSheet here](https://www.getdrip.com/forms/38118976/submissions/new)