Recon-ng - Information gathering

You can read this post on Spanish language:No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
Recon-ng is a Python framework focused on gathering information, it can obtain a lot of data from a target and his environment. It have differente and independent modules, and you can combine the results obtained for more efficiency. Definetly, Recon-ng is a powerful tool for gathering information fast on the web.

Basics uses and modules:


# Start menu:

recon-ng

# Help

help

Recon-ng lets you create profiles for analyze different objectives without mixing information, that is stored for later reference, something very useful.
# Create profile

workspaces add <perfil>

add domains <domain>

show domains

We can see the different modules of Recon-ng, the modules are clasiffied in different sections (Discovery, Exploitation, Import, Recon y Reporting).
# Show modules

show modules

We can search modules by name:

SEARCH <module>

When we know which module we will use, we must load it (i will use netcraft for the example). There are two commands for do this:
# Select module

use <module>
load <module>

With the module loaded, we can see information abaut it and his options.

show info

If we have not created a profile, we can select our "target"

set SOURCE <domain>

# Start module

run

There are a lot of different modules, they bring us great variety of ways to find information of a specific target, we can even use social networks like Twitter or analyze domains looking for ssl vulnerabilities. The results can be displayed in different tables, as "contacts", "companies", "hosts" ...

show <lista>

Spanish post:No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
Official web: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta


Regards, hati