Skip to content

Commit

Permalink
Recon Dog v2.0
Browse files Browse the repository at this point in the history
  • Loading branch information
s0md3v authored Oct 13, 2018
1 parent 658d95c commit 3e6c9f6
Show file tree
Hide file tree
Showing 18 changed files with 611 additions and 846 deletions.
15 changes: 15 additions & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
language: python
os:
- linux
python:
- 3.6
install:
- pip install flake8
before_script:
- pip install -r requirements.txt
# stop the build if there are Python syntax errors
- flake8 . --count --select=E901,E999,F401,F701,F702,F706,F822,F823 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
- flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
script:
- python dog -t marvel.com -c 7 | python dog --domains
876 changes: 201 additions & 675 deletions LICENSE

Large diffs are not rendered by default.

96 changes: 80 additions & 16 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,20 +1,84 @@
# ReconDog
Recon Dog is an all in one tool for all your basic information gathering needs. It uses APIs to gather all the information so your identity is not exposed.
![ReconDog Screenshot](http://teamultimate.in/wp-content/uploads/2017/06/Screenshot-from-2017-06-12-23-14-54.png "Screenshot")

## Downloading and running Recon Dog
<h1 align="center">
<br>
<a href="https://github.com/s0md3v/ReconDog"><img src="https://image.ibb.co/mxO9rz/recondog.png" alt="Photon"></a>
<br>
ReconDog
<br>
</h1>

Enter the following command in the terminal to download it
```
git clone https://github.com/UltimateHackers/ReconDog
```
After downloading the program, enter the following command to navigate to the Recon Dog directory and listing the contents
```
cd ReconDog && ls
```
The directory contains `dog.py` which you can run with Python 2 and 3.

Now run the script for your python version with the following command.
<h4 align="center">Reconnaissance Swiss Army Knife</h4>

<p align="center">
<a href="https://github.com/s0md3v/ReconDog/releases">
<img src="https://img.shields.io/github/release/s0md3v/ReconDog.svg">
</a>
<a href="https://travis-ci.com/s0md3v/ReconDog">
<img src="https://img.shields.io/travis/com/s0md3v/ReconDog.svg">
</a>
<a href="https://github.com/s0md3v/ReconDog/issues?q=is%3Aissue+is%3Aclosed">
<img src="https://img.shields.io/github/issues-closed-raw/s0md3v/ReconDog.svg">
</a>
</p>

### Main Features
- Wizard + CLA interface
- Can extracts targets from STDIN (piped input) and act upon them
- All the information is extracted with APIs, no direct contact is made to the target


### Utilities
- [Censys](https://censys.io/): Uses censys.io to gather massive amount of information about an IP address.
- [NS Lookup](https://hackertarget.com/dns-lookup/): Does name server lookup
- [Port Scan](https://hackertarget.com/tcp-port-scan/): Scan most common TCP ports
- [Detect CMS](https://whatcms.org): Can detect 400+ content management systems
- [Whois lookup](https://hackertarget.com/whois-lookup/): Performs a whois lookup
- [Detect honeypot](https://honeyscore.shodan.io/): Uses shodan.io to check if target is a honeypot
- [Find subdomains](https://findsubdomains.com): Uses findsubdomains.com to find subdomains
- [Reverse IP lookup](https://hackertarget.com/reverse-ip-lookup/): Does a reverse IP lookup to find domains associated with an IP address
- [Detect technologies](https://www.wappalyzer.com): Uses wappalyzer.com to detect 1000+ technologies
- [All](https://github.com/s0md3v/ReconDog): Runs all utilities against the target

### Demo
<img alt="demo" href="https://youtu.be/CHkIMcSzzCY" src="https://image.ibb.co/i11A69/Screenshot-2018-10-13-15-41-11.png">

### Compatibility
Recon Dog will run on anything that has a python interpreter installed. However, it has been tested on the following configurations:

Operating Systems: Windows, Linux, Mac\
Python Versions: Python2.7, Python 3.6

### Installation
Recon Dog requires no manual configuration and can be simply run as a normal python script.\
However, a debian package can be downloaded from [here](https://github.com/s0md3v/s0md3v.github.io/blob/master/repo/Recon-Dog_2.0_all.deb?raw=true) if you want to install it.

### Usage
#### Wizard Interface
Wizard interface is the most straightforward way you can use Recon Dog in. Just run the program, select what you want to do and enter the target, it's that simple.
#### CLA Interface
Recon Dog also has a **C**ommand **L**ine **A**rgument inteface.
Here's how you can find subdomains:

`python dog -t marvel.com -c 7`

There's more to it! Do you have a program that can enumerate subdomains and you want to scan ports of all the subdomains it finds? Don't worry, Recon Dog is designed for handling with such cases. You can simply do this:

`subdomainfinder -t example.com | python dog --domains -c 3`

Also, it doesn't matter what kind of output the other program generates, Recon Dog uses regular expressions to find targets which makes it easy to integrate will literally every tool.
There are two switchs available:
```
python dog.py
--domains extract domains from STDIN
--ips extract ip addresses from STDIN
```

### Contribution & License
You can contribute in following ways:

- Report bugs
- Develop plugins
- Give suggestions to make it better
- Fix issues & submit a pull request

Do you want to have a conversation in private? Hit me up on [my twitter](https://twitter.com/s0md3v), inbox is open :) \
Recon Dog is licensed under **Apache 2.0 License**.
11 changes: 11 additions & 0 deletions core/colors.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
white = '\033[97m'
green = '\033[92m'
red = '\033[91m'
yellow = '\033[93m'
end = '\033[0m'
back = '\033[7;91m'
info = '\033[93m[!]\033[0m'
que = '\033[94m[?]\033[0m'
bad = '\033[91m[-]\033[0m'
good = '\033[32m[+]\033[0m'
run = '\033[97m[~]\033[0m'
20 changes: 20 additions & 0 deletions core/extractor.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
import re


def extractor(inpList, kind):
parsed = set()
inp = ''.join(inpList)
domain = r'[\w\.\-]+'
ip = r'\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b'
if kind == 'domain':
pattern = domain
else:
pattern = ip
matches = re.findall(pattern, inp)
for match in matches:
if kind == 'ip':
parsed.add(match)
else:
if not re.match(ip, match):
parsed.add(match)
return parsed
82 changes: 82 additions & 0 deletions core/hq.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
import re
import sys
import requests

from core.colors import bad, red, end

from plugins.whois import whois
from plugins.nsLookup import nsLookup
from plugins.findSubdomains import findSubdomains
from plugins.portScan import portScan
from plugins.detectTech import detectTech
from plugins.honeypot import honeypot
from plugins.detectCMS import detectCMS
from plugins.censys import censys
from plugins.reverseLookup import reverseLookup

database = {
'1': [censys, 'ip'],
'2': [nsLookup, 'domain'],
'3': [portScan, 'domip'],
'4': [detectCMS, 'domain'],
'5': [whois, 'domip'],
'6': [honeypot, 'ip'],
'7': [findSubdomains, 'domain'],
'8': [reverseLookup, 'ip'],
'9': [detectTech, 'url']
}

if sys.version_info < (3, 0):
input = raw_input


def getInput(typ):
if typ == 'domip':
typ = 'domain or ip'
inp = input('%s%s>>%s ' % (typ, red, end))
return inp


def validate(inp, typ):
if typ == 'ip':
match = re.match(r'\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b', inp)
if match:
return inp
else:
return False
elif typ == 'url':
if inp.startswith('http'):
return inp
else:
try:
requests.get('https://' + inp)
return 'https://' + inp
except:
return 'http://' + inp
else:
return inp


def hq(choice, target=False):
if target:
try:
database[choice][0](target)
except:
print ('%s Skipped due to error: %s' % (bad, target))
elif choice == '0':
inp = getInput('all')
for func in list(database.values()):
try:
func[0](inp)
print (red + ('-' * 60) + end)
except:
pass
elif not target:
typ = database[choice][1]
inp = getInput(typ)
validatedInp = validate(inp, typ)
if validatedInp:
plugin = database[choice][0]
plugin(validatedInp)
else:
print ('%s Invalid input type' % bad)
87 changes: 87 additions & 0 deletions dog
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
#!/usr/bin/env python3
import sys
import requests
import argparse

from core.hq import hq
from core.extractor import extractor
from core.colors import white, green, end, red, yellow, run

parser = argparse.ArgumentParser()
parser.add_argument('-t', help='target', dest='target')
parser.add_argument('-c', help='choice', dest='choice')
parser.add_argument('--domains', help='stdin type: domain', dest='domains', action='store_true')
parser.add_argument('--ips', help='stdin type: ip', dest='ips', action='store_true')
args = parser.parse_args()

ips = args.ips
target = args.target
choice = args.choice
domains = args.domains

data = False
if ips or domains:
data = sys.stdin.readlines()

arged = False
if target and choice:
arged = True

if sys.version_info < (3, 0):
input = raw_input


def banner():
print ('''%s
_____ ____
| __ |___ ___ ___ ___ %s|\_/|%s | \ ___ ___
| -| -_| _| . | | %s|. .|%s | | | . | . |
|__|__|___|___|___|_|_| %s \_/ %s |____/|___|_ |
|___| v2.0%s''' % (white, red, white, red, white, red, white, end))


def menu():
print('''
%s1.%s Censys
%s2.%s NS lookup
%s3.%s Port scan
%s4.%s Detect CMS
%s5.%s Whois lookup
%s6.%s Detect honeypot
%s7.%s Find subdomains
%s8.%s Reverse IP lookup
%s9.%s Detect technologies
%s0.%s All''' % (white, end, white, end, white, end, white, end, white, end, white, end, white, end, white, end, white, end, white, end))


def dog(choice, target):
if not args.target:
banner()
if arged:
hq(choice, target)
else:
while True:
menu()
result = False
choice = input('\033[1;91m>>\033[0m ')
hq(choice)


if data:
kind = 'domain'
if ips:
kind = 'ip'
targets = extractor(data, kind)
if choice:
for target in targets:
print ('%s %s' % (run, target))
hq(choice, target)
print (red + ('-' * 60) + end)
else:
for target in targets:
sys.stdout.write(target + '\n')
else:
try:
dog(choice, target)
except KeyboardInterrupt:
quit('')
Loading

0 comments on commit 3e6c9f6

Please sign in to comment.