What is recon-ng

recon-ng kya hota hai

 Friends, in the previous post, I told about NMAP, in today's post I will tell about recon-ng.


 

recon-ng  is an open source free software that has been created for the Linux platform, through this tool, you can easily extract the subdomain, its IP address and its location of any domain, it is also useful for Penetration Testing.  It is used by hackers to extract information of any IP and domain and is also used for exploit and many modules are found inside it recon-ng v5.1.1


 In this 84 recon modules , 16 Disabled modules, 8 reporting modules, 4 importing modules, 2 exploiting modules and 2 discovery module are found, with the help of these modules we perform any action, this tool has all the details of any domain like  That saves the sub domain and its IP address etc. in the host table so that we do not have to search again and again for different tasks on open source and here we can easily get it installed inside Kali Linux.  To install it, type sudo apt install recon-ng and press enter, it will be installed

how to install modules in recon-ng
how to install recon-ng in kali linux
how to use recon ng

 
basic commands in recon-ng 


back       -     Exits the current context-
dashboard -      Displays a summary of activity
db  -            Interfaces with the workspace's database
exit-            Exits the framework
help  -          Displays this menu
index  -         Creates a module index (dev only)
keys-            Manages third party resource credentials
marketplace -    Interfaces with the module marketplace
modules -        Interfaces with installed modules
options -        Manages the current context options
pdb    -         Starts a Python Debugger session (dev only)
script -         Records and executes command scripts
shell  -         Executes shell commands
show  -          Shows various framework items
snapshots -      Manages workspace snapshots
spool  -         Spools output to a file
workspaces -     Manages workspaces
 

How to use recon-ng

As we know that there is a place to do any work and then to keep that work in a place from where we can easily do our work and then keep it.

 Similarly recon-ng has workspaces inside which we work and put


 Workspaces


 It is necessary to create workspaces inside recon-ng so that you can take out the work done by you by looking through the workspaces again, to see the workspaces, type workspaces list and press enter all the created workspaces will be shown if they

 If you want to choose any of the workspaces, then for that workspaces loads and the name of the workapces which is showing in the list, if you want to create any new worspaces, then for that workspaces create

And by pressing enter after the name of the workspaces, your new workspaces will be ready, if you want to remove any workspaces, then remove the workspaces and name of the workspaces.

Use of marketplace in recon-ng

Now let's talk about what is marketplaces marketplaces are the modules with the help of which we perform any action, we use marketplace in two ways, some require API key, for which marketplaces use the key.  It is needed that there is a mark of * mark in front of it, now how will you check the marketplaces, then you will use the command for that
marketplace search 

If we want to search specific marketplaces of any modules, then for that

marketplace search google

This command will show all the Marketplaces of Google Modules, similarly you can find Marketplaces of other Modules.  To install only one of the Marketplaces

 Install marketplace and paste the marketplaces which are places

 Single Marketplace will be installed and if everyone wants to install then for that

 marketplace install all and all marketplaces will be installed


 

Loads modules

Modules are required to perform an action, for this modules load netcraft

 This command to load netcraft modules or you can load modules by modules search google, by searching google modules and pasting modules load

Find out Subdomain 

1- modules load recon/domains-contacts/who is_pocs or
modules load netcraft and press enter
2-options set source abc.com
3-run
After this, all the sub-domains of which the source has been set will be visible on the screen.

Find out the IP of sub-domains

1- modules load recon/host-host/resolve
2- run

After this the IP address of all the sub-domains should be resolved.


To see it will be saved in the host table, you can see through show host command.

 Add API keys


 There are some modules that require API keys to run, the command to add them

 keys add builtwith_api or keys add shodan_api  and you can add by pasting the API key.  want to


 Find out the location from IP


 1- modules load  ipinfo or ipstack

 2-info

 3-run

 Esting and northing of all IP addresses will be saved in the host table, then after loading the geocode modules, you can find its actual position by feeling the easting and northing or you can find its location through Google Earth.

 Working with databases


 Whatever workspace we are working in is working on a single database, if we want to make any changes in that database then we can do it easily.

 db schema To view the schema of the database

 db delete and table name that database table will be deleted

 db insert and whatever to insert into the database

 Some important commands

 show hosts

 Show ports

 Show contacts


 Show credentials


 I hope you have understood the recon-ng framework easily and with the help of such examples and tools, you can do information gating.