FinalRecon is a web recon toolkit to scan websites for penetration testing. It is made by TheWhiteh4t. This Python3 toolkit is simple and fast. FinalRecon is a well maintained tool and they update and add new features regularly.
The key features of this tool is following:
- Header Information
- Whois
- SSL Certificate Information
- Crawler
- HTML
- CSS
- Javascripts
- Internal Links
- External Links
- Images
- robots
- sitemaps
- Links inside Javascripts
- Links from Wayback Machine from Last 1 Year
- HTML
- DNS Enumeration
- A, AAAA, ANY, CNAME, MX, NS, SOA, TXT Records
- DMARC Records
- Subdomain Enumeration
- Data Sources
- Buffer Overflow
- crt.sh
- ThreatCrowd
- AnubisDB
- ThreatMiner
- Facebook Certificate Transparency API
- Data Sources
- Traceroute
- Protocols
- UDP
- TCP
- ICMP
- Protocols
- Directory Searching
- Support for File Extensions
- Directories from Wayback Machine from Last 1 Year
- Port Scan
- Fast
- Top 1000 Ports
- Open Ports with Standard Services
- Export Results
- Formats
- txt
- xml
- csv
- Formats
The screenshot of the command is following:
After cloning process is done we need to go in the finalrecon directory by using cd command:
Then we install the required packages to use this tool by using following command:
The screenshot of this command is following:
After installing the required packages we are ready to run this tool on a targeted website.
Lets run FinalRecon to check its help options by applying following command:
Then its help screen will comes in front of us as shown in following screenshot:Now we run FinalRecon and do a full scan on google for an example by using following command:
Then it starts the scanning process and try to find information on targeted website as shown in following screenshot:
We also can save our scan results by using the -o flag. For an example we save this in txt format, but we can use xml and csv format also.
This toolkit can scan for sensitive files in web directories which may contain more information about the target.
There are lots of this types of toolkit or frameworks like this but FinalRecon really has a good speed with perfection.
Extras :
- Some Modules Use API Keys to fetch data from different resources, these are optional, if we are not using an API key, they will be simply skipped. If we are interested in using these resources we can store your API key in the keys.json file.
- If we don't want to use a API key for a certain data source we just set its value to null, by default values of all available data sources are null.
- FinalRecon is a tool for Pentesters and it's designed for Linux based Operating Systems, other platforms like Windows and Termux are NOT support
Comments