gokulapap / reconator Goto Github PK

Automated Recon for Pentesting & Bug Bounty

License: GNU General Public License v3.0

Python 48.62% Shell 15.72% HTML 35.17% Procfile 0.05% Dockerfile 0.43%

recon automation python scanner webscanner telebot-notification fuzzer bugbounty reconator

reconator's Introduction

Summary

Reconator is a Framework for automating your process of reconnaisance without any Computing resource (Systemless Recon) at free of cost. Its Purely designed to host on Heroku which is a free cloud hosting provider. It performs the work of enumerations along with many vulnerability checks and obtains maximum information about the target domain.

It also performs various vulnerability checks like XSS, Open Redirects, SSRF, CRLF, LFI, SQLi and much more. Along with these, it performs OSINT, fuzzing, dorking, ports scanning, nuclei scan on your target.

Reconator receives all the targets needs to be reconed via a Web Interface and adds into the Queue and Notifies via Telebot on start and end of Recon on a target. So this is 100% automated and don't require any manual interaction

⭐ Star History

⚙️ Deploy

📋 Requirements

Heroku Free account (For Deploying)
Telegram account (For notifications)

📹 Demo Video of Deploying

📹 Trailer Video

📕 Usage

WEB APPLICATION PATHS

path	Description
(/) home	Root page where you will add targets
/initialise	Initialise the Database and the cronjob
/queue	The targets added will be in the queue can manage targets
/scanned	It contains list of all scanned targets can view results by results
/issues	It has a quick link for reporting a issue and tool improvement

🔥 Features 🔥

Systemless Recon 100% Free
Fast scan and Easy to use
Permanent storage of Results in DB
Notification support via Telegram bot
Fully Automated Scanner
Easy access via Web UI
Queue support allows to add many targets
Easy Deploy Easy Recon
Runs 24/7 for 22 Days [Heroku - 550 hrs/month free]

📝 More Features and More Recon tools will be added in next update

💬 Community & Discussion

Join Our Telegram server here

ℹ️ How to contribute:

If you want to contribute to this project then:

Submitting an issue because you have found a bug or you have any suggestion or request.
Submitting a feature request in this Form form

ℹ️ Need help?

Take a look at the wiki section.
Check FAQ for commonly asked questions.
Ask for help in the Telegram group

🤝 Helping hands 🤝

Jopraveen (Video Editing & FrontEnd)
Santroo (FrontEnd design)
Godson (Script Searching)
Yashwant (FrontEnd design)

You can support this work buying me a coffee:

⚠️ Disclaimer

Usage of this program for attacking targets without consent is illegal. It is the user's responsibility to obey all applicable laws. The developer assumes no liability and is not responsible for any misuse or damage caused by this program. Please use responsibly.

The material contained in this repository is licensed under GNU GPLv3.

🧾 License

Reconator is made with ♥ by @gokulap and it is released under the GPL 3.0 License

reconator's People

Contributors

Stargazers

Watchers

Forkers

lucilu1320 j0n47h4n2021 polling-repo-continua sajibekanti 0xgodson ch4o3 jakre1234 mrmahile stevepham88 bug-tools shashankgidbidi heartsleep bbhunter excloudx6 okaayfine igorvkm jeromeyoung yuryus slooppe randengshifu jenxp h3ll0w0lrd pureisnthere reversertr 0x6b7563696e676c696172 hackme252 fbenhur sageof6iixpaths argonx21 imfaizanakhtar subbabachina burak40 zzzzzz1zzzzz huy4ng kartik192192 gkarumbi ipecs elyabany webreconbot viperbluff dotslashed arafat-prox amineethic fuckwbored fordrink nocomp balaharipm officialkp rayiik sfbcm buggyme redo128 h4k6 x543g ahmedapdulrasool khaledsham19 me5a1337 motasemroot elbourreda dominfosec h1roun aldawx90 482949203 souravbaghz s1rrv aravindd007 229v5k mogewily cyphrin followsec 0xprashant sainath-reddiee serdaruzunay dark1mechannic itz-mg raiders0786 akshay2796 7ealvivek zpaav willardjansen bonkbink jaat301 vikashvicky628 sup3rman76 halil786 babyhacker0x7 billsam testingweb624 bugbountydude ahmedlap serialkiller5605 aravindb26 rhankare 0xshahriar spitesagor alex22522 sofienelkamel ibnudev7 jehant1 piyushimself

reconator's Issues

Heroku Item could not be created

Heroku Item could not be created:
We couldn't deploy your app because the source code violates the Salesforce Acceptable Use and External-Facing Services Policy.

Any services or how i can deploy this app on my VPS?
Thanks

Im unable to deploy the app

Heroku says:
We couldn't deploy your app because the source code violates the Salesforce Acceptable Use and External-Facing Services Policy.
you can fixed it by renaming your repository

Heroku is not free anymore

Hello, I've been using reconator for more than a year. But I came to know that Heroku is not free anymore after my app got crashed. So can you please create a docker file for the same so that anyone can deploy it to the cloud?

Source code violation

while deploying app, it shows source code violates Salesforce acceptable use and external facing service policy. Every input is correct, i checked 5 times. adding screenshot for your ref. @gokulapap

Im unable to deploy the app

Heroku is new to me. I believe you should create a video on forking so that new Heroku users can benefit from it.

Scan Queue Not responding.

After Putting the site in scan queue it remains same forever does not move for scanning. Please help on this issue.

This error originates from a subprocess, and is likely not a problem with pip. error: metadata-generation-failed

-----> Building on the Heroku-22 stack
-----> Using buildpacks:
1. heroku-community/apt
2. heroku/python
3. heroku/php
-----> Apt app detected
-----> Detected Aptfile or Stack changes, flushing cache
-----> Updating apt caches
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Get:4 http://apt.postgresql.org/pub/repos/apt jammy-pgdg InRelease [91.6 kB]
Get:5 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages [1,792 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [17.5 MB]
Get:7 http://archive.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [909 kB]
Get:8 http://archive.ubuntu.com/ubuntu jammy-security/main amd64 Packages [914 kB]
Get:9 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1,149 kB]
Get:10 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [1,251 kB]
Get:11 http://apt.postgresql.org/pub/repos/apt jammy-pgdg/main amd64 Packages [420 kB]
Fetched 24.5 MB in 2s (14.5 MB/s)
Reading package lists...
W: http://apt.postgresql.org/pub/repos/apt/dists/jammy-pgdg/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
-----> Fetching .debs for jq
Reading package lists...
Building dependency tree...
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 1 not upgraded.
Need to get 52.5 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu jammy/main amd64 jq amd64 1.6-2.1ubuntu3 [52.5 kB]
Fetched 52.5 kB in 0s (168 kB/s)
Download complete and in download only mode
-----> Fetching .debs for nmap
Reading package lists...
Building dependency tree...
The following additional packages will be installed:
libblas3 liblinear4 liblua5.3-0 libpcap0.8 lua-lpeg nmap-common
Suggested packages:
liblinear-tools liblinear-dev ncat ndiff zenmap
The following NEW packages will be installed:
libblas3 liblinear4 liblua5.3-0 libpcap0.8 lua-lpeg nmap nmap-common
0 upgraded, 7 newly installed, 0 to remove and 1 not upgraded.
Need to get 6,258 kB of archives.
After this operation, 27.2 MB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu jammy/main amd64 libpcap0.8 amd64 1.10.1-4build1 [145 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/main amd64 libblas3 amd64 3.10.0-2ubuntu1 [228 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy/universe amd64 liblinear4 amd64 2.3.0+dfsg-5 [41.4 kB]
Get:4 http://archive.ubuntu.com/ubuntu jammy/main amd64 liblua5.3-0 amd64 5.3.6-1build1 [140 kB]
Get:5 http://archive.ubuntu.com/ubuntu jammy/universe amd64 lua-lpeg amd64 1.0.2-1 [31.4 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 nmap-common all 7.91+dfsg1+really7.80+dfsg1-2ubuntu0.1 [3,940 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 nmap amd64 7.91+dfsg1+really7.80+dfsg1-2ubuntu0.1 [1,731 kB]
Fetched 6,258 kB in 0s (32.9 MB/s)
Download complete and in download only mode
-----> Fetching .debs for whois
Reading package lists...
Building dependency tree...
The following NEW packages will be installed:
whois
0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.
Need to get 53.4 kB of archives.
After this operation, 279 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu jammy/main amd64 whois amd64 5.5.13 [53.4 kB]
Fetched 53.4 kB in 0s (173 kB/s)
Download complete and in download only mode
-----> Fetching .debs for sqlmap
Reading package lists...
Building dependency tree...
The following additional packages will be installed:
python3-magic
The following NEW packages will be installed:
python3-magic sqlmap
0 upgraded, 2 newly installed, 0 to remove and 1 not upgraded.
Need to get 6,912 kB of archives.
After this operation, 11.1 MB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu jammy/main amd64 python3-magic all 2:0.4.24-2 [12.6 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/universe amd64 sqlmap all 1.6.4-2 [6,900 kB]
Fetched 6,912 kB in 0s (41.8 MB/s)
Download complete and in download only mode
-----> Fetching .debs for libatlas-base-dev
Reading package lists...
Building dependency tree...
The following additional packages will be installed:
libatlas3-base libgfortran5
Suggested packages:
libatlas-doc liblapack-doc
The following NEW packages will be installed:
libatlas-base-dev libatlas3-base libgfortran5
0 upgraded, 3 newly installed, 0 to remove and 1 not upgraded.
Need to get 7,811 kB of archives.
After this operation, 38.9 MB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu jammy-security/main amd64 libgfortran5 amd64 12.1.0-2ubuntu122.04 [882 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libatlas3-base amd64 3.10.3-12ubuntu1 [3,340 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libatlas-base-dev amd64 3.10.3-12ubuntu1 [3,590 kB]
Fetched 7,811 kB in 1s (8,076 kB/s)
Download complete and in download only mode
-----> Installing jq_1.6-2.1ubuntu3_amd64.deb
-----> Installing libatlas3-base_3.10.3-12ubuntu1_amd64.deb
-----> Installing libatlas-base-dev_3.10.3-12ubuntu1_amd64.deb
-----> Installing libblas3_3.10.0-2ubuntu1_amd64.deb
-----> Installing libgfortran5_12.1.0-2ubuntu122.04_amd64.deb
-----> Installing liblinear4_2.3.0+dfsg-5_amd64.deb
-----> Installing liblua5.3-0_5.3.6-1build1_amd64.deb
-----> Installing libpcap0.8_1.10.1-4build1_amd64.deb
-----> Installing lua-lpeg_1.0.2-1_amd64.deb
-----> Installing nmap_7.91+dfsg1+really7.80+dfsg1-2ubuntu0.1_amd64.deb
-----> Installing nmap-common_7.91+dfsg1+really7.80+dfsg1-2ubuntu0.1_all.deb
-----> Installing python3-magic_2%3a0.4.24-2_all.deb
-----> Installing sqlmap_1.6.4-2_all.deb
-----> Installing whois_5.5.13_amd64.deb
-----> Writing profile script
-----> Rewrite package-config files
-----> Python app detected
-----> No Python version was specified. Using the buildpack default: python-3.11.3
To use a different version, see: https://devcenter.heroku.com/articles/python-runtimes
-----> Installing python-3.11.3
-----> Installing pip 23.0.1, setuptools 63.4.3 and wheel 0.38.4
-----> Installing SQLite3
-----> Installing requirements with pip
Collecting flask
Downloading Flask-2.2.3-py3-none-any.whl (101 kB)
Collecting gunicorn
Downloading gunicorn-20.1.0-py3-none-any.whl (79 kB)
Collecting flask_cors
Downloading Flask_Cors-3.0.10-py2.py3-none-any.whl (14 kB)
Collecting psycopg2-binary
Downloading psycopg2_binary-2.9.6-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.0 MB)
Collecting pyTelegramBotAPI
Downloading pyTelegramBotAPI-4.10.0.tar.gz (222 kB)
Preparing metadata (setup.py): started
Preparing metadata (setup.py): finished with status 'done'
Collecting pybase64
Downloading pybase64-1.2.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl (173 kB)
Collecting flask_autoindex
Downloading Flask-AutoIndex-0.6.6.tar.gz (52 kB)
Preparing metadata (setup.py): started
Preparing metadata (setup.py): finished with status 'done'
Collecting wfuzz
Downloading wfuzz-3.1.0-py3-none-any.whl (148 kB)
Collecting wafw00f
Downloading wafw00f-2.2.0-py3-none-any.whl (90 kB)
Collecting bs4
Downloading bs4-0.0.1.tar.gz (1.1 kB)
Preparing metadata (setup.py): started
Preparing metadata (setup.py): finished with status 'done'
Collecting colorama
Downloading colorama-0.4.6-py2.py3-none-any.whl (25 kB)
Collecting requests
Downloading requests-2.28.2-py3-none-any.whl (62 kB)
Collecting argparse
Downloading argparse-1.4.0-py2.py3-none-any.whl (23 kB)
Collecting python-Wappalyzer
Downloading python_Wappalyzer-0.3.1-py3-none-any.whl (93 kB)
Collecting aiodns==3.0.0
Downloading aiodns-3.0.0-py3-none-any.whl (5.0 kB)
Collecting aiofiles==0.7.0
Downloading aiofiles-0.7.0-py3-none-any.whl (13 kB)
Collecting aiohttp
Downloading aiohttp-3.8.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.0 MB)
Collecting aiomultiprocess==0.9.0
Downloading aiomultiprocess-0.9.0-py3-none-any.whl (17 kB)
Collecting aiosqlite==0.17.0
Downloading aiosqlite-0.17.0-py3-none-any.whl (15 kB)
Collecting beautifulsoup4==4.10.0
Downloading beautifulsoup4-4.10.0-py3-none-any.whl (97 kB)
Collecting censys==2.0.8
Downloading censys-2.0.8-py3-none-any.whl (51 kB)
Collecting certifi==2021.05.30
Downloading certifi-2021.5.30-py2.py3-none-any.whl (145 kB)
Collecting dnspython==2.1.0
Downloading dnspython-2.1.0-py3-none-any.whl (241 kB)
Collecting fastapi==0.68.1
Downloading fastapi-0.68.1-py3-none-any.whl (52 kB)
Collecting netaddr==0.8.0
Downloading netaddr-0.8.0-py2.py3-none-any.whl (1.9 MB)
Collecting orjson==3.6.3
Downloading orjson-3.6.3.tar.gz (548 kB)
Installing build dependencies: started
Installing build dependencies: finished with status 'done'
Getting requirements to build wheel: started
Getting requirements to build wheel: finished with status 'done'
Preparing metadata (pyproject.toml): started
Preparing metadata (pyproject.toml): finished with status 'error'
error: subprocess-exited-with-error

     × Preparing metadata (pyproject.toml) did not run successfully.
     │ exit code: 1
     ╰─> [6 lines of output]
         Checking for Rust toolchain...
         
         Cargo, the Rust package manager, is not installed or is not on PATH.
         This package requires Rust and Cargo to compile extensions. Install it through
         the system's package manager or via https://rustup.rs/
         
         [end of output]
     
     note: This error originates from a subprocess, and is likely not a problem with pip.
   error: metadata-generation-failed
   
   × Encountered error while generating package metadata.
   ╰─> See above for output.
   
   note: This is an issue with the package mentioned above, not pip.
   hint: See above for details.

! Push rejected, failed to compile Python app.
! Push failed

Merging of Gau results

Gau results are getting merged with other gau results...
I scanned veeamgov.com and other domains and I found out that other gau results are getting merged with this domain's results.

reconator adds random ips into queue

after running reconnator on example.com after some time it adds a random ip which has nothing to do with example.com into
queue

Error while deploying the app

The error pops up while deploying the app. Evey thing's correctly configured. IDK what's the problem.

Thank you

No other scans running after first successful scan

After I ran first scan, I got notification as well as output properly. But later, my other scans are not running. All targets are queued. Also, not receiving any notifications for further scans after first successful scan.

Solved

Resolved

Error ?

Not getting scanned resource after scan finished

Not able to see gau/{url}

Not able to deploy on Heroku

Getting below error after clicking on Deploy button at the end.

We couldn't deploy your app because the source code violates the Salesforce Acceptable Use and External-Facing Services Policy.

unable deploy app

will deploying I'm getting below error

Item could not be created:
We couldn't deploy your app because the source code violates the Salesforce Acceptable Use and External-Facing Services Policy.

thanks

Completed Scans not showing under Scanned Tab

I ran couple of scans and also received notification of those scans in my Telegram bot that the scans have been successfully completed and saved in db. But these scan results are not showing up in Scanned tab.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.