Drecon (Deep Recon) is a fully automated reconnaissance pipeline for bug bounty hunters, red teamers, and cyber threat researchers. It aggregates subdomains, probes for services, scans for vulnerabilities, and gathers OSINT data β all with minimal user interaction.
- π Fast and multi-source subdomain enumeration
- π DNS resolving and live host detection
- πͺ Port scanning and service identification
- π‘οΈ Vulnerability scanning using Nuclei & Subzy
- πΈοΈ Archived URL discovery and crawling
- π Clean reporting and logging structure
| Phase | Tools |
|---|---|
| Subdomain Enum | subfinder, assetfinder, github-subdomains, chaos, crt.sh |
| DNS & Probing | dnsx, naabu, httpx, shodan |
| Vulnerability Scan | nuclei, subzy |
| URL Collection | gau, waybackurls |
| Crawling & Extras | katana, curl, jq, whois, unzip |
- Clone the repo
git clone https://github.com/yourusername/drecon.git
cd drecon- Install all dependencies
chmod +x install_tools.sh
./install_tools.sh- Usage
./drecon.sh target.com
#Expected output:
[+] Starting reconnaissance for: target.com
[+] Total unique subdomains: 238
[+] Output saved to: results/target.com.txt
[+] Running Phase 2...
[+] Scan log saved to: logs/target.com.log- ποΈ Use your own API keys for Chaos, Shodan, GitHub, and Nuclei to unlock full capabilities.
- π Use a VPN or VPS for anonymity and large-scale scans.
- 𧩠Modular: Comment out tools you donβt want to run.
MIT β feel free to use, modify, and share. Attribution appreciated.
If you find Drecon helpful, please consider starring π this repository β it helps a lot!