How it works • Setup • Usage • For Developers • Credits
Introducing MR.RECON, an advanced and versatile bug bounty recon and vulnerability detection tool powered by the efficiency of bash scripting. Designed with the needs of bug bounty hunters and security researchers in mind, this tool combines powerful reconnaissance techniques with automated vulnerability detection to supercharge your bug hunting efforts.
Enumeration -
- Effective Subdomain Enumeration from Various Tools
- Get URLs with open HTTP and HTTPS service
- JS File Enumeration
MR.RECON requires different tools to run successfully. Run the following command to install the all requirments-
$ git clone git@github.com:techghoshal/mrecon.git
$ cd mrecon
$ sudo ./install.shYou can also provie your own CONDIF file with your API Keys for subdomain enumeration with subfinder (/root/.config/subfinder/provider-config.yaml) and amass (amass_config.ini)
$ ./mrecon -h$ ./mrecon -enum target.comSubdomain and JS File Enumuration, Get URL, Find API Keys From JS File
$ ./mrecon -enum target.comIf you have any queries, you can always contact me on twitter(@techghoshal)
I would like to express my gratitude to all of the open source projects that have made this tool possible and have made recon tasks easier to accomplish.