Recon-NG is a Python-based reconnaissance framework that automates information gathering about domains, IPs and networks using multiple modules and data sources.
recon-ngmarketplace install recon/domains-hosts/hackertarget
modules load recon/domains-hosts/hackertarget
options set SOURCE grammy.com
runReturns subdomains and IPs associated with the target domain.
marketplace install recon/netblocks-hosts/shodan_net
modules load recon/netblocks-hosts/shodan_net
options set SOURCE [netblock]
run| Domain | Module | Information Found |
|---|---|---|
| grammy.com | hackertarget | Subdomains, Akamai IPs, CDN |
| incibe.es | hackertarget | Hosts, Telefรณnica/RIMA IPs |
| uco.es | hackertarget + shodan | University subdomains, exposed services |
marketplace search # List all available modules
modules search # List installed modules
options list # View current module options
show hosts # View collected hosts
show contacts # View collected contacts