WebRecon is a tool-chain script intended to automate the process of auditing a website for bug-bounty or pentesting purposes. It runs various scripts in a daisy-chained fashion so as to maintain order and synchronisation. Since the script is highly dependent on network characteristics and configuration of the target, it may generate different (sometimes incorrect) results every time it is executed. However, the overall results may be enough to audit the website properly.
● Windows 10+ / Linux (Debian) / Android (Termux).
● Python 3.10 and above.
● Linux Terminal / Command Prompt / Windows PowerShell
● termcolor
● pythonping
● python-nmap
● boto3
● datetime
● requests
● fpdf
● scapy
- Clone the repository
    git clone https://github.com/varospaxo/webrecon
- Change to the webrecon directory
    cd webrecon
- Install requirements.txt
    pip install -r requirements.txt
- Run the WebRecon.py script (may require sudo or root privileges)
    python WebRecon.py
Host service detection finds whether the host server is alive or not. It also returns the latency between the host server and us as a client. After getting the connection status, it provides the IP address of the host server.
Remote port scanner scans the host website for available open ports. This may help identify the services running on the host server, which can then be used to test the host for vulnerabilities.
Traceroute scan generates a list of hops required to reach the host server. It also detects whether the connection between those hops is a TCP connection or not.
Remote OS Detection script identifies the type of operating system the host server is running. It also reports the detection accuracy of its result.
SSL certificate status scan checks the validity of the SSL certificate currently active on a website. An SSL certificate ensures that the traffic between the host and its client is encrypted.
Reverse DNS Scan provides the actual hostname of the server acting as the host server. It can be used to identify the original host of a website.
Subdomain scanner finds the common subdomains that a website may have. Subdomains may help to find different services provided by the same website.
Admin page scanner tries to find admin panel pages of a website. The admin panel pages are used to access the backend configuration services of a website.
Report generator reads the data created by the script and generates the corresponding PDF documents containing the findings of the script.
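As an illustration of the SSL certificate status scan described above, the following is an added example, not WebRecon's own code. The names `fetch_cert`, `cert_status` and `SAMPLE_CERT` are assumptions made for this sketch; it classifies a certificate by its validity window using only the Python standard library.

```python
import socket
import ssl
from datetime import datetime, timezone


def fetch_cert(host, port=443, timeout=5.0):
    """Return the peer certificate dict after a verified TLS handshake."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


def _parse(cert_time):
    """Convert a 'Mar 10 00:00:00 2025 GMT' style string to an aware datetime."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(cert_time), timezone.utc)


def cert_status(cert, now=None, warn_days=30):
    """Classify a getpeercert()-style dict by its validity window."""
    now = now or datetime.now(timezone.utc)
    not_before = _parse(cert["notBefore"])
    not_after = _parse(cert["notAfter"])
    days_left = (not_after - now).days
    if now < not_before:
        state = "not yet valid"
    elif now > not_after:
        state = "expired"
    elif days_left < warn_days:
        state = "expiring soon"  # still valid, but renewal is due
    else:
        state = "valid"
    return {"state": state, "days_left": days_left,
            "not_after": not_after.isoformat()}


# Constructed sample in the shape returned by SSLSocket.getpeercert()
SAMPLE_CERT = {
    "subject": ((("commonName", "example.test"),),),
    "notBefore": "Mar 10 00:00:00 2024 GMT",
    "notAfter": "Mar 10 00:00:00 2025 GMT",
}

if __name__ == "__main__":
    # Evaluate the sample offline at a fixed point in time.
    print(cert_status(SAMPLE_CERT, now=datetime(2025, 2, 20, tzinfo=timezone.utc)))
    # For a host you are authorised to audit: cert_status(fetch_cert("example.org"))
```

Because `fetch_cert` uses `ssl.create_default_context()`, an untrusted chain or hostname mismatch raises `ssl.SSLCertVerificationError` during the handshake, which a report should record as a finding in its own right.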