Reconnoitre - an enumeration tool to help you organise, and learn more about attack process

I’m a penetration tester from Australia that wrote a tool for the OSCP / HTB / VHL that helps to organise your machine attacks and guide you towards other tools to run based on the services discovered on the host. You can find it on Github, here: GitHub - codingo/Reconnoitre: A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

If there’s anything you’d like to see me add or a way you see that I can make it more valuable to your learning process feel free to message it in here. My aim is to help expose others to useful tools, and how to use them.

Sounds pretty cool. Will check it out. Thanks!

I didn’t know you were Australian awesome :D, im an aussie too.

@SirenCeol said:
I didn’t know you were Australian awesome :D, im an aussie too.

\o/ You should hit up your local sectalks group if you haven’t already! One of the best meetup groups we have in the region imo.

need to give it a try

@codingo said:

@SirenCeol said:
I didn’t know you were Australian awesome :D, im an aussie too.

\o/ You should hit up your local sectalks group if you haven’t already! One of the best meetup groups we have in the region imo.

Im quite the busy bee at the moment, although i have gone to a handful.

nice, this is cool, will try this

Thanks for posting. Been using recon-master with some modification, but keen to try another tool.

Pretty good tool! Thanks for sharing!

I havent tested, but in doc, i dont see uniscan -qweds…could be added…

Ty for this codingo found this when I started oscp earlier this year. Its a really nice tool

Nice

Nice stuff mate. Great work.

Love it. Will try out.
Hack The Box

gonna have to try this . Thanks for sharing!

FYI - I’m working on a large overhaul of this to allow you to more easily add your own commands. Basically - I’m moving it away from hardcoded command generation to building it from a *.json configuration. If you want to contribute some tools / commands you can put in a pull request for updates to this file: https://github.com/codingo/Reconnoitre/blob/master/reconnoitre/config.json

Nice!

I use it for few weeks now and really enjoy the way to automate first discovery on new machines. the finding file is also really helpful to get fast quick to certain tools.
I 'm glad if you can make evolution of the tool and will be happy to contribute at my level once. Very good job codingo !

I love this tool! Thanks a lot.

As promised reconnoitre has now been updated to allow you to tweak the commands shown at the duration of a scan. Commands have also had an update and can be found here: https://github.com/codingo/Reconnoitre/blob/master/reconnoitre/config.json