INFORMATION GATHERING WITH RECON-NG Part-1
Recon-ng is a web reconnaissance tool written in Python for information gathering. It helps you retrieve information starting from a domain or a company name: for example, detailed contact information for a particular website or company, or the subdomains linked with a particular URL.
The framework is built from several ‘module’ classes, which let users perform reconnaissance and retrieve information by running commands in the terminal. Recon-ng can also generate reports on whatever you have gathered, in formats such as HTML, CSV and JSON.
1. Installation of Recon-ng
You can simply run the recon-ng command in a terminal to start recon-ng.
If recon-ng is not installed on your computer, you can install it with the command apt-get update && apt-get install recon-ng. Also make sure that the latest version of pip is installed on your machine.
When you run the recon-ng command, it opens the recon-ng console interface.
2. Once recon-ng has started, it shows the modules that are installed on the machine, or a message such as ‘No modules enabled/installed’. In the console you can now run the help command to see which commands recon-ng supports.
For example, marketplace lets you see which modules are available for recon, options lets you set your target source values and other settings, and you can also take a screenshot of the current console with the snapshot command. Other commands include dashboard, which shows which dashboard you are currently working in, and shell, which you can use to run Linux commands in the recon-ng console without changing the terminal.
3. Working with Marketplace and Modules:
You can use the command marketplace search to see which modules are available.
You can then use any module from the marketplace by installing it.
Installation of the module: marketplace install recon/companies-domains/pen
Once the module has been installed, you need to load it in recon-ng.
Load Module: modules load recon/companies-domains/pen
Now that the module is loaded, you can run the info command to see the module's description, name, author and version, and the options in which you can set your parameters.
With the options command you can set or unset any parameter value; SOURCE is the one parameter of the current module.
To unset the SOURCE value: options unset SOURCE
To set the SOURCE value: options set SOURCE Reliance
Use the info command again to see the SOURCE value you have set.
Now you can enter the run command to execute the module.
As you can see in the result, it provides the domain names that are linked with the Reliance company and also provides a summary.
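The same steps can be replayed from a resource file with recon-ng's -r option. The script below is an added example, not part of the original post: it writes that file for a given SOURCE value and rejects values that could add extra console lines. The function names valid_source, build_rc and run_rc, and the workspace name in the usage comment, are hypothetical.

```shell
#!/bin/sh
# Added example: batch the console steps above into a recon-ng resource file.
# MODULE is the module used on this page; the helper names are hypothetical.
MODULE="recon/companies-domains/pen"

# Accept only letters, digits, spaces, dots and hyphens. A newline or other
# unexpected character in the value would otherwise be read by the console
# as a separate command line (the console also has a `shell` command).
valid_source() {
    [ -n "$1" ] || return 1
    leftover=$(printf '%s' "$1" | LC_ALL=C tr -d 'A-Za-z0-9 .-' | wc -c | tr -d ' ')
    [ "$leftover" -eq 0 ]
}

# Print the console commands for one SOURCE value, one per line.
build_rc() {
    valid_source "$1" || { echo "refusing SOURCE value" >&2; return 1; }
    printf '%s\n' \
        "marketplace install $MODULE" \
        "modules load $MODULE" \
        "options set SOURCE $1" \
        "info" \
        "run" \
        "exit"
}

# Write the commands to a temporary file and replay them in a workspace.
# Usage (workspace name is a placeholder): run_rc "Reliance" my-workspace
run_rc() {
    rc=$(mktemp) || return 1
    build_rc "$1" > "$rc" || { rm -f "$rc"; return 1; }
    recon-ng -w "$2" -r "$rc"
    status=$?
    rm -f "$rc"
    return "$status"
}
```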