🛡️ ReConing v1.0

Enterprise Reconnaissance & Attack Surface Management Framework

NovaRecon is a professional-grade reconnaissance framework designed for
authorized security professionals, penetration testers, and bug bounty hunters.

"Know your target before they know you."


🚀 Features

| # | Module | Description |
|---|--------|-------------|
| 🔍 | Port Scanner | Scans 22+ common ports with service fingerprinting & banner grabbing |
| 🌐 | Tech Detector | Identifies 18+ web technologies (CMS, frameworks, servers, CDNs) |
| 🕷️ | Web Crawler | Crawls websites, extracts URLs, forms, emails, & hidden comments |
| 🔑 | JS Secret Hunter | 25+ regex patterns to find API keys, tokens, passwords in JavaScript |
| 📡 | OSINT Engine | Subdomain enumeration, DNS records, WHOIS lookup |
| 🛡️ | WAF Detector | Identifies 12+ WAF/CDN providers (Cloudflare, Akamai, AWS, etc.) |
| 📊 | Report Generator | Saves results in structured JSON format for further analysis |

📥 Installation

Linux (Kali/Ubuntu/Debian)

# Step 1: Update packages
sudo apt update -y

# Step 2: Clone or download the project
git clone https://github.com/tyranroot/ReConing.git

# Step 3: Open Folder
cd ReConing

# Step 4: Create a virtual environment
python3 -m venv venv

# Step 5: Activate the virtual environment
source venv/bin/activate

# Step 6: Install Dependencies
pip3 install -r requirements.txt

# Step 7: One-command setup
python3 setup.py

# Step 8: Verify installation
python3 main.py --help

Termux (Android)

# Step 1: Update packages
pkg update -y

# Step 2: Install Python
pkg install python python-pip git -y

# Step 3: Clone the project
git clone https://github.com/tyranroot/ReConing.git

# Step 4: Open Folder
cd ReConing

# Step 5: Install dependencies
pip install aiohttp beautifulsoup4 colorama dnspython python-whois

# Step 6: Run
python main.py --help

Windows

# Step 1: Install Python from python.org (Python 3.8+)
# Step 2: Open Command Prompt or PowerShell as Administrator
# Step 3: Download the project from https://github.com/tyranroot/ReConing and open its folder
cd ReConing

# Step 4: Install dependencies
pip install aiohttp beautifulsoup4 colorama dnspython python-whois

# Step 5: Run
python main.py --help

🎯 Usage

python3 main.py <command> <target> [options]

Commands:
  quick       Fast scan (ports + technology only)
  full        Full reconnaissance (all modules)
  scan-port   Port scanning only
  scan-js     JavaScript secret hunting only
  scan-tech   Technology detection only
  scan-osint  OSINT gathering only
  scan-waf    WAF detection only

Options:
  -o, --output FILE  Save results to specific file
  -v, --verbose      Enable verbose output
  -h, --help         Show help message

📦 Modules

🔍 Port Scanner

Scans 22 common ports including SSH (22), HTTP (80), HTTPS (443), MySQL (3306), RDP (3389), and more. Performs banner grabbing for service version detection.

python3 main.py scan-port example.com

🌐 Tech Detector

Identifies web technologies using HTTP headers, HTML content analysis, and JavaScript signatures. Detects CMS, frameworks, CDNs, and analytics tools.

python3 main.py scan-tech https://example.com

🕷️ Web Crawler

Crawls websites up to 20 pages, extracting:

  • All discovered URLs
  • Form fields and actions
  • Email addresses
  • HTML comments (potential secrets)
  • Linked JavaScript files

python3 main.py scan-tech https://example.com  # Runs with full scan

🔑 JS Secret Hunter

Scans JavaScript files for hardcoded secrets. Uses 25+ regex patterns:

| Pattern | Targets |
|---------|---------|
| AWS Keys | Access Key, Secret Key |
| Google | API Key, OAuth Client |
| GitHub | Personal Access Token, OAuth Token |
| JWT | JSON Web Tokens |
| Slack | Bot Token, Webhook URL |
| Discord | Bot Token, Webhook URL |
| Telegram | Bot Token |
| Stripe | Live/Secret Keys |
| Database | MongoDB, MySQL, PostgreSQL, Redis URLs |
| Private Keys | RSA, DSA, EC, OpenSSH |
| Passwords | Hardcoded credentials |

python3 main.py scan-js https://example.com
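
The same class of check can run on your own build output before it is published. The following is an added example, not ReConing's code or its pattern set: the four rules, the `redact` helper and the sample bundle are constructed for illustration, and matches are masked so the report does not become a second copy of the secret.

```python
import re

# Illustrative rules written for this example; NOT ReConing's own pattern set.
RULES = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----"
    ),
    "jwt": re.compile(r"\beyJ[\w-]{8,}\.eyJ[\w-]{8,}\.[\w-]{8,}"),
    "db_url_with_credentials": re.compile(
        r"\b(?:mongodb(?:\+srv)?|mysql|postgres(?:ql)?|redis)://[^\s:/@'\"]+:[^\s@'\"]+@"
    ),
}

# Constructed bundle fragment; the key is AWS's documented example value.
SAMPLE_JS = '''\
const cfg = {
  awsKey: "AKIAIOSFODNN7EXAMPLE",
  db: "postgres://app:s3cr3t@db.internal:5432/app",
  apiBase: "https://api.example.com/v1"
};
'''


def redact(value, keep=4):
    """Keep a short prefix for triage and mask the rest."""
    return value[:keep] + "*" * (len(value) - keep)


def scan_js(text):
    """Return one finding per rule match: line number, rule name, masked value."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES.items():
            for m in pattern.finditer(line):
                findings.append(
                    {"line": lineno, "rule": rule, "match": redact(m.group(0))}
                )
    return findings


if __name__ == "__main__":
    for finding in scan_js(SAMPLE_JS):
        print(finding)
```

Any value this flags in a shipped bundle should be rotated, not just removed from the source, since the published file may already have been fetched.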

📡 OSINT Engine

Gathers open-source intelligence:

  • Subdomain enumeration (20+ common subdomains)
  • DNS record lookup (A, MX, NS)
  • WHOIS information (registrar, dates, name servers)

python3 main.py scan-osint example.com

🛡️ WAF Detector

Detects Web Application Firewalls:

  • Cloudflare, Akamai, AWS WAF, Sucuri
  • ModSecurity, F5 BIG-IP, Imperva
  • Fastly, StackPath, Barracuda, Wordfence, Varnish
  • Tests WAF blocking capability with malicious payloads

python3 main.py scan-waf https://example.com

📊 Output

Results are saved as JSON files in the output/ directory:

{
  "target": "example.com",
  "scan_type": "port_scan",
  "duration": 2.5,
  "status": "completed",
  "data": {
    "open_ports": [
      {"port": 80, "service": "HTTP", "banner": "Apache/2.4.41"},
      {"port": 443, "service": "HTTPS", "banner": "nginx/1.24.0"}
    ],
    "total_open": 2
  }
}

Output filename format: novarecon_results_YYYYMMDD_HHMMSS.json
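
Because the report is plain JSON, it can feed an attack-surface drift check on assets you own. The following is an added example, not part of ReConing: it assumes the `port_scan` shape shown above, and the `APPROVED_PORTS` allowlist, the `review_report` function and the sample report are constructed for illustration.

```python
import json
import re

# Constructed report in the shape shown above (not real scan output).
SAMPLE_REPORT = json.loads("""
{
  "target": "example.com", "scan_type": "port_scan",
  "duration": 2.5, "status": "completed",
  "data": {
    "open_ports": [
      {"port": 80, "service": "HTTP", "banner": "Apache/2.4.41"},
      {"port": 443, "service": "HTTPS", "banner": "nginx/1.24.0"},
      {"port": 3306, "service": "MySQL", "banner": ""}
    ],
    "total_open": 3
  }
}
""")

# Hypothetical allowlist: ports each asset is expected to expose.
APPROVED_PORTS = {"example.com": {80, 443}}


def review_report(report, approved=APPROVED_PORTS):
    """Return (severity, message) findings for one port_scan report."""
    if report.get("scan_type") != "port_scan" or report.get("status") != "completed":
        return [("error", "not a completed port_scan report")]
    findings = []
    data = report.get("data", {})
    ports = data.get("open_ports", [])
    if data.get("total_open") != len(ports):
        findings.append(("warn", "total_open does not match open_ports length"))
    allowed = approved.get(report.get("target"), set())
    for entry in ports:
        port, banner = entry.get("port"), entry.get("banner") or ""
        if port not in allowed:
            findings.append(("high", f"unapproved port {port} ({entry.get('service')})"))
        # A versioned banner tells anyone who connects the exact patch level.
        if re.search(r"/\d+(\.\d+)+", banner):
            findings.append(("low", f"port {port} banner discloses version: {banner}"))
    return findings


if __name__ == "__main__":
    for severity, message in review_report(SAMPLE_REPORT):
        print(severity, message)
```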


💻 Examples

Quick Scan

python3 main.py quick https://example.com

⏱️ ~3 seconds | Checks ports and technology

Full Reconnaissance

python3 main.py full https://example.com

⏱️ ~10-15 seconds | Runs all 6 modules

JavaScript Secret Hunting

python3 main.py scan-js https://example.com

🔍 Extracts API keys, tokens, and endpoints from JS files

OSINT Gathering

python3 main.py scan-osint example.com

🌐 Finds subdomains, DNS records, and WHOIS info

WAF Detection

python3 main.py scan-waf https://example.com

🛡️ Identifies WAF/CDN providers

Custom Target

# Any website
python3 main.py full https://google.com

# IP address
python3 main.py scan-port 192.168.1.1

# Blog
python3 main.py quick https://medium.com

# Your own site for testing
python3 main.py full https://your-own-site.com

📋 Requirements

| Package | Purpose |
|---------|---------|
| Python 3.8+ | Core language |
| aiohttp | Async HTTP requests |
| beautifulsoup4 | HTML parsing |
| colorama | Colored terminal output |
| dnspython | DNS lookups |
| python-whois | WHOIS queries |

🖥️ Supported Platforms

| Platform | Status | Notes |
|----------|--------|-------|
| 🐧 Kali Linux | ✅ Full | Best performance |
| 🐧 Ubuntu/Debian | ✅ Full | |
| 📱 Termux (Android) | ✅ Mostly | Some features limited |
| 🪟 Windows | ✅ Mostly | WHOIS may need extra setup |
| 🍎 macOS | ✅ Mostly | Tested on Intel/Apple Silicon |

⚠️ Disclaimer

NovaRecon is designed for authorized security testing only.

By using this tool, you agree to:

  1. Only scan targets you own or have explicit written permission to test
  2. Comply with all applicable local, state, and federal laws
  3. Accept full responsibility for your actions

Unauthorized scanning may violate:

  • Computer Fraud and Abuse Act (CFAA) — US
  • Computer Misuse Act — UK
  • Information Technology Act — India
  • Similar laws in other jurisdictions

The developers assume no liability for misuse of this framework.


📝 License

This project is licensed under the MIT License - see the LICENSE file for details.


📧 Connect & Support

Have questions, collaboration proposals, or custom penetration testing requests? Feel free to reach out to our primary channels: