Kali Linux Information-Gathering Tool recon-ng Explained


This Wind


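Many of this tool's usages and help files are not as self-explanatory as those of other tools, so a different approach is needed to teach it.

recon-ng is used in much the same way as the Metasploit Framework.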

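1. Display the help menu

    [recon-ng][default] > help
    Commands (type [help|?] <topic>):

    add             Adds records to the database
    back            Exits the current context
    delete          Deletes records from the database
    exit            Exits the framework
    help            Displays this help menu
    keys            Manages framework API keys
    load            Loads the specified module
    pdb             Starts a Python Debugger session
    query           Queries the database
    record          Records commands to a resource file
    reload          Reloads all modules
    resource        Executes commands from a resource file
    search          Searches available modules
    set             Sets module options
    shell           Executes shell commands
    show            Shows various framework items
    snapshots       Manages workspace snapshots
    spool           Spools output to a file
    unset           Unsets module options
    use             Uses the specified module
    workspaces      Manages workspaces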

2. List all modules

    [recon-ng][default] > show modules

All modules are as follows:

    Discovery
    ---------
      discovery/info_disclosure/cache_snoop
      discovery/info_disclosure/interesting_files
    Exploitation
    ------------
      exploitation/injection/command_injector
      exploitation/injection/xpath_bruter
    Import
    ------
      import/csv_file
      import/list
    Recon
    -----
      recon/companies-contacts/bing_linkedin_cache
      recon/companies-contacts/jigsaw/point_usage
      recon/companies-contacts/jigsaw/purchase_contact
      recon/companies-contacts/jigsaw/search_contacts
      recon/companies-contacts/linkedin_auth
      recon/companies-multi/github_miner
      recon/companies-multi/whois_miner
      recon/contacts-contacts/mailtester
      recon/contacts-contacts/mangle
      recon/contacts-contacts/unmangle
      recon/contacts-credentials/hibp_breach
      recon/contacts-credentials/hibp_paste
      recon/contacts-domains/migrate_contacts
      recon/contacts-profiles/fullcontact
      recon/credentials-credentials/adobe
      recon/credentials-credentials/bozocrack
      recon/credentials-credentials/hashes_org
      recon/domains-contacts/metacrawler
      recon/domains-contacts/pgp_search
      recon/domains-contacts/whois_pocs
      recon/domains-credentials/pwnedlist/account_creds
      recon/domains-credentials/pwnedlist/api_usage
      recon/domains-credentials/pwnedlist/domain_creds
      recon/domains-credentials/pwnedlist/domain_ispwned
      recon/domains-credentials/pwnedlist/leak_lookup
      recon/domains-credentials/pwnedlist/leaks_dump
      recon/domains-domains/brute_suffix
      recon/domains-hosts/bing_domain_api
      recon/domains-hosts/bing_domain_web
      recon/domains-hosts/brute_hosts
      recon/domains-hosts/builtwith
      recon/domains-hosts/certificate_transparency
      recon/domains-hosts/google_site_api
      recon/domains-hosts/google_site_web
      recon/domains-hosts/hackertarget
      recon/domains-hosts/mx_spf_ip
      recon/domains-hosts/netcraft
      recon/domains-hosts/shodan_hostname
      recon/domains-hosts/ssl_san
      recon/domains-hosts/threatcrowd
      recon/domains-vulnerabilities/ghdb
      recon/domains-vulnerabilities/punkspider
      recon/domains-vulnerabilities/xssed
      recon/domains-vulnerabilities/xssposed
      recon/hosts-domains/migrate_hosts
      recon/hosts-hosts/bing_ip
      recon/hosts-hosts/freegeoip
      recon/hosts-hosts/ipinfodb
      recon/hosts-hosts/resolve
      recon/hosts-hosts/reverse_resolve
      recon/hosts-hosts/ssltools
      recon/hosts-locations/migrate_hosts
      recon/hosts-ports/shodan_ip
      recon/locations-locations/geocode
      recon/locations-locations/reverse_geocode
      recon/locations-pushpins/flickr
      recon/locations-pushpins/instagram
      recon/locations-pushpins/picasa
      recon/locations-pushpins/shodan
      recon/locations-pushpins/twitter
      recon/locations-pushpins/youtube
      recon/netblocks-companies/whois_orgs
      recon/netblocks-hosts/reverse_resolve
      recon/netblocks-hosts/shodan_net
      recon/netblocks-ports/census_2012
      recon/netblocks-ports/censysio
      recon/ports-hosts/migrate_ports
      recon/profiles-contacts/dev_diver
      recon/profiles-contacts/github_users
      recon/profiles-profiles/namechk
      recon/profiles-profiles/profiler
      recon/profiles-profiles/twitter_mentioned
      recon/profiles-profiles/twitter_mentions
      recon/profiles-repositories/github_repos
      recon/repositories-profiles/github_commits
      recon/repositories-vulnerabilities/gists_search
      recon/repositories-vulnerabilities/github_dorks
    Reporting
    ---------
      reporting/csv
      reporting/html
      reporting/json
      reporting/list
      reporting/proxifier
      reporting/pushpin
      reporting/xlsx
      reporting/xml

3. Select a module

Each module serves a different function. Here I pick one at random:

    [recon-ng][default] > use recon/hosts-hosts/bing_ip

4. Show information about the module you just selected
