FinalRecon

[Mutt]

FinalRecon is an open source data collection tool (OSINT). (The program is written in Python)

If you do not want to install FinalRecon, then you can use the Free online OSINT tool for collecting site data based on FinalRecon: https://suip.biz/?act=finalrecon

It scans over the Tor network, so it takes longer.

Functions
FinalRecon provides detailed information, including:

• Displays HTTP response headers from a website
• Whois
• Information from SSL certificate
• Site crawler to find directories and files
• Enumeration of DNS records:
  • A, AAAA, ANY, CNAME, MX, NS, SOA, TXT records
  • DMARC records
• Enumeration of subdomains. Sources of data:
  • BuffOver
  • crt.sh
  • ThreatCrowd
  • AnubisDB
  • ThreatMiner
• Tracing. Supported trace protocols:
  • UDP
  • TCP
  • ICMP
• Search directories
• Port scan:
  • Very fast
  • Most common 1000 ports
  • Open ports for standard services
• Export of results. Available formats:
  • txt
  • xml
  • csv

Page on GitHub: https://github.com/thewhiteh4t/FinalRecon

---

Installation on Kali Linux​

sudo apt install python3-pip libpq-dev
git clone https://github.com/thewhiteh4t/FinalRecon
cd FinalRecon
sudo pip3 install -r requirements.txt
sudo python3 ./finalrecon.py -h

Launch:

python3 ./finalrecon.py --full SITE_ADDRESS

Installing on Windows
Most of the functions of FinalRecon work on Windows, but the path tracing does not work , and the following error occurs at the very end of the program:

• Install python and pip
• Then download and unzip the program files: https://github.com/thewhiteh4t/FinalRecon/archive/master.zip
• Now open the command line: Win + x → Windows PowerShell.
• At the command line, go to the scripts folder using the cd command:

cd C: \ Users \ MiAl \ Downloads \ FinalRecon-master \

Install dependencies:

pip install -r requirements.txt

Open the finalrecon.py file and remove the following lines from it (almost at the very top):

if os.geteuid ()! = 0:
    print ('\ n' + R + '[-]' + C + 'Please Run as Root!' + '\ n')
    sys.exit ()
else:
    pass

Let's check if everything is in order by displaying a help message:

python ./finalrecon.py -h

Launch:

python ./finalrecon.py --full SITE_ADDRESS

FinalRecon launch example
Perform a full reconnaissance (--full) about the site (https://vk.com):

sudo finalrecon --full https://vk.com

Files with the results of collecting information are saved in the dumps folder in the program directory.

To search for hidden files and folders, the dictionary that comes with the program is used. The dictionaries are located in the wordlists folder , there are three dictionaries in total:

• dirb_big.txt
• dirb_common.txt
• dirb_small.txt

By default, the medium-sized dictionary dirb_common.txt is used . If you want to specify a large dictionary ( dirb_big.txt ), then this can be done with the -w option:

python3 ./finalrecon.py -w wordlists / dirb_big.txt --full SITE_ADDRESS

FinalRecon Help
Usage:

finalrecon.py [-h] [--headers] [--sslinfo] [--whois] [--crawl] [--dns] [--sub] [--trace] [--dir] [- ps]
                     [--full] [-t T] [-TT] [-w W] [-r] [-s] [-d D] [-m M] [-p P] [-tt TT] [-o O]
                     url

Options:
Positional arguments:

url Target URL

Optional arguments:

-h, --help show help and exit
  --headers Information from headers
  --sslinfo SSL certificate information
  --whois Query Whois
  --crawl Crawl links on the target site
  --dns Enumerate DNS records
  --sub Enumerate subdomains
  --trace Trace
  --dir Search directories
  --ps Fast port scan
  --full Full exploration

Additional options:

-t T Number of threads [Default: 50]
  -TT Request Timeout [Default: 10.0]
  -w W Dictionary path [Default: wordlists / dirb_common.txt]
  -r Allow redirects [Default: False]
  -s Toggle SSL verification [Default: True]
  -d D Custom DNS Servers [Default: 1.1.1.1]
  -m M Trace mode [Default: UDP] [Available: TCP, ICMP]
  -p P Trace port [Default: 80/33434]
  -tt TT Trace Timeout [Default: 1.0]
  -o O Output format [Default: txt] [Available: xml, csv]

FinalRecon errors
- Protocol Missing
If an error occurs during scanning:

[-] Protocol Missing, Include http: // or https: //

So you have not specified the protocol. That is, you need not only to specify a domain, for example, vk.com (this is wrong), but a domain with the https://vk.com protocol (this is correct).

- AttributeError: module 'os' has no attribute 'geteuid'
If you get an error at startup:

Traceback (most recent call last):

File "./finalrecon.py", line 15, in <module>
    if os.geteuid ()! = 0:
AttributeError: module 'os' has no attribute 'geteuid'

It means that you are running FinalRecon on Windows, but you have not edited the finalrecon.py file as described above in the instructions for installing FinalRecon on Windows.