🗂️ Navigation
📁 Penetration Testing
📋 Social Engineering Tools
🔧 Recon-ng

Recon-ng

A full-featured Web Reconnaissance framework written in Python.

Visit Website →

Overview

Recon-ng is a powerful framework for conducting open-source web-based reconnaissance. It has a modular structure, similar to Metasploit, allowing users to easily add and run different modules for information gathering. Its interactive console and database-backed environment help pentesters collect, manage, and use OSINT data effectively to build a comprehensive picture of a target's footprint, which is essential for social engineering.

✨ Key Features

  • Modular framework
  • Interactive console
  • Database for managing reconnaissance data
  • Numerous modules for gathering hosts, contacts, and credentials
  • API key management
  • Reporting features

🎯 Key Differentiators

  • Modular, Metasploit-like framework
  • Database-backed data management
  • Highly extensible and scriptable

Unique Value: Offers a structured and powerful modular framework for conducting and managing comprehensive web-based reconnaissance.

🎯 Use Cases (4)

Web reconnaissance OSINT gathering Penetration testing Building an attack surface map

✅ Best For

  • Systematically gathering information on a target domain using various online services
  • Finding employee names and email formats

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Executing phishing campaigns
  • Network vulnerability scanning

🏆 Alternatives

theHarvester Maltego SpiderFoot

Provides a more organized and database-driven approach to data collection than simpler tools like theHarvester.

💻 Platforms

Desktop (Linux)

🔌 Integrations

Various APIs like Shodan, GitHub, Twitter, etc.

💰 Pricing

Contact for pricing
Free Tier Available

Free tier: Fully open-source, no limits.

Visit Recon-ng Website →

🔄 Similar Tools in Social Engineering Tools

KnowBe4 Security Awareness Training

Platform for security awareness training and simulated phishing attacks to manage social engineering...

Contact

Cofense PhishMe

A SaaS platform that conditions employees to recognize and report phishing attacks through realistic...

Contact

Proofpoint Security Awareness Training

A comprehensive security awareness solution that educates employees on cybersecurity best practices....

Contact

Social-Engineer Toolkit (SET)

A Python-driven, open-source tool for simulating various types of social engineering attacks....

Contact

Gophish

An open-source phishing toolkit designed for businesses and penetration testers....

Contact

Infosec IQ (from Fortra)

A security awareness platform that combines phishing simulations with personalized training....

Contact