← 返回
未分类 中文

Recon Quick

Fast OSINT and reconnaissance presets using bbot and nmap. One-command subdomain enumeration, port scanning, and web fingerprinting for bug bounty recon.
使用 bbot 和 nmap 的快速 OSINT 与侦察预设,一键子域名枚举、端口扫描和 Web 指纹识别,适用于漏洞赏金侦察。
hostilespider hostilespider 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 无需
★ 0
Stars
📥 592
下载
💾 0
安装
1
版本
#latest

概述

Recon Quick — Fast OSINT Presets

One-command recon using bbot and nmap. Preset workflows for common bug bounty recon tasks.

Prerequisites

pipx install bbot
# nmap: apt install nmap / brew install nmap

Quick Start

# Full subdomain enumeration + web probe
python3 {baseDir}/scripts/recon.py target.com --preset full

# Just subdomains
python3 {baseDir}/scripts/recon.py target.com --preset subdomains

# Quick port scan top 100
python3 {baseDir}/scripts/recon.py target.com --preset ports

Presets

PresetWhat it doesTime
---------------------------
subdomainsSubdomain enum via bbot2-10 min
portsTop 100 ports + service detection1-5 min
webHTTP probe + tech fingerprint2-5 min
fullSubdomains + ports + web + nuclei10-30 min
passivePassive recon only (DNS, certs, APIs)1-3 min

Options

  • --preset PRESET — Recon preset (default: subdomains)
  • --output DIR — Output directory (default: ./recon-output)
  • --json — Output as JSON
  • --threads N — Thread count (default: 10)
  • --wordlist FILE — Custom wordlist for subdomain brute
  • --proxy URL — Proxy for web requests

Output Structure

recon-output/
├── target.com/
│   ├── subdomains.txt      # Discovered subdomains
│   ├── live-hosts.txt       # Alive HTTP services
│   ├── ports.txt            # Open ports
│   ├── tech-fingerprints.txt # Detected technologies
│   ├── nuclei-findings.txt  # Vulnerability scan results
│   └── full-report.json     # Everything combined

Integration with Bug Bounty

# Run recon, generate report
python3 recon.py target.com --preset full --output ./bounties/target
bb-report-template --type recon --target target.com -o report.md

Notes

  • bbot handles rate limiting and scope validation automatically
  • Nuclei findings are informational — manual verification required
  • Always check program scope before scanning
  • Use --proxy socks5://127.0.0.1:9050 for Tor

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-03 05:46 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,620
it-ops-security

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装后可防止您和您的用户受到提示注入、数据泄露及恶意行为的侵害。
★ 116 📥 31,026
it-ops-security

OpenClaw Backup

alex3alex
备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。
★ 90 📥 31,084