⚡ A fully automated subdomain reconnaissance and sensitive data discovery toolkit.
- 🔎 Subdomain enumeration (
subfinder,crt.sh) - 🌐 Live host detection with
httpx - 🔥 Vulnerability scanning (CORS) using
nuclei - 🧾 Historical data collection from
archive.org - 🕵️♂️ Sensitive file discovery (
.sql,.xml,.zip, etc.) - 🚨 Live sensitive file validation
- 🎨 Clean, colored CLI output for easy reading
- 📁 Organized output directory per scan
Install the following tools before using rec0n:
pip3 install -r requirements.txt❤️ Credits Inspired by tools from:
- ProjectDiscovery
- TomNomNom
- s0md3v
- The Bug Bounty community