Skip to content

Home

Jump to bottom
six2dez edited this page Jan 31, 2021 · 28 revisions

ReconFTW

Table of Contents

Installation Guide

Configuring Go-lang

  • ReconFTW requires go1.14+ to install successfully.
    If not installed follow the steps below.

From Binary

wget https://golang.org/dl/go1.15.7.linux-amd64.tar.gz
tar -C /usr/local -xzf go1.15.7.linux-amd64.tar.gz

Configuring $PATH

Add the following lines in your .bashrc , .zshrc

export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$GOPATH/bin:$GOROOT/bin:$PATH

Clone reconFTW repository

git clone https://github.com/six2dez/reconftw.git
cd reconftw
chmod +x *.sh
./install.sh

Post Installation Guide

Amass Config

You will need a config file to use your API keys with Amass.
See the Example Configuration File for more details.

Operating System Path
Linux / Unix $HOME/.config/amass/config.ini

Subfinder Config

Subfinder to work with certain services, you will need to have setup API keys

Operating System Path
Linux / Unix $HOME/.config/subfinder/config.yaml

Github tokens

  • Add your GitHub personal tokens in ~/Tools/.github_tokens ,1 per line.
  • Its recommended to add > 5 GitHub Personal Access Tokens. See here how to create them.
  • Use multiple tokens from separate GitHub accounts to provide the best results.
d2fec3d6e6712a985259522acec
0e8e24ad765d1550abe13347c48
5da53a644c6aaa5874f669a0218
15977496cc613e33cdb15b83693
46df7cecc76537e229ef069eb63

Favup Config

Run the following command
shodan init [Your-API-Key]

Blind XSS Server

Script includes a tool called XSStrike which can use a server for detection (optional).
Creating an account on XSS Hunter, will provide you with your own personalized server. Store your personal server into an environment variable in your terminal's configuration file(.bashrc/.zshrc)
Eg: XSS_SERVER=<username>.xss.ht

SSRF Server

To get inbound requests for finding potential SSRF its necessary to setup your own COLLAB_SERVER

  • Services for setting up SSRF Server:
  1. Webhook
  2. RequestCatcher
  3. Canarytokens
  4. Burp Collaborator server

Eg:COLLAB_SERVER=XXXXXXXXXX

Docker

Build image

Use the following command to build the image:

docker build -t reconftw/reconftw .

Docker usage

More info and examples are available in the inline help:

docker run --rm reconftw/reconftw -h

Full scan:

docker run --rm reconftw/reconftw -d target.tld -a

When using a list of targets, load it into the container using volumes. For example:

docker run -it --rm -v $PWD/targets.txt:/app/targets.txt reconftw/reconftw -l /app/targets.txt -a
Clone this wiki locally