Modern, Flask-powered OSINT web app for domain/IP intelligence, subdomain enumeration, vulnerability checks, dorking, and more — with multi-scan, real-time status, history.
- Features
- Architecture
- Screenshots
- Quick Start
- Folder Structure
- Usage
- Exporting Results
- Troubleshooting
- Security & Legal
- Roadmap
- Contributing
- Maintainers & Contact
- License
- Unified Dashboard
- KPIs: total scans, last scan, success rate
- Quick links and module overview
- Multi-Scan Orchestration
- Run one or many modules in a single request:
- WHOIS lookup (domain/IP)
- DNS analysis
- Port / Basic network scan
- Network scanner (advanced toggles)
- Subdomain enumeration
- Vulnerability scanner (with optional engines)
- OSINT (social footprint)
- Dark Web intelligence
- Google dorking (automated)
- Run one or many modules in a single request:
- Results & History
- Full history with drill-down details per module
- Risk level hints and helpful links
- Export as JSON
- Responsive Dark UI
- Bootstrap 5 + Font Awesome
- Clean, compact cards and badges
- Threaded Execution
- Scans run in background threads to keep UI responsive
- Error Handling
- Toast notifications, form validation, and safe defaults
- Framework: Flask (Jinja2 templates, blueprints/routes)
- Persistence: SQLite (default) in
instance/(can be swapped) - Tasks: Python threads for non-blocking scans
- Views:
templates/(Jinja2) +static/(CSS/JS/assets) - Modules:
utils/contains scanning primitives (whois, dns, ports, subdomains, vuln, social/osint, darkweb, dorking)
Replace with your actual images.
git clone https://github.com/your-org/xRec0n.git
cd xRec0n
python -m venv .venv
. .venv/bin/activate
pip install -r requirements.txtCreate .env in project root:
export VIRUSTOTAL_API_KEY="YOurAPIKeysHere"
flask run
# Or:
python main.pyThen browse to: http://127.0.0.1:5000/
xRec0n/
├─ app.py / main.py / routes.py / models.py
├─ utils/
│ ├─ whois.py
│ ├─ dns.py
│ ├─ ports.py
│ ├─ subdomains.py
│ ├─ vuln.py
│ ├─ social_osint.py
│ └─ darkweb.py
├─ templates/
│ ├─ base.html
│ ├─ dashboard.html
│ ├─ scan.html
│ └─ results.html
├─ static/
│ ├─ css/
│ ├─ js/
│ ├─ img/
├─ instance/
├─ requirements.txt
├─ .env.example
└─ README.md
New Scan
- Enter a target (domain/IP/URL/username).
- Select one or more modules (WHOIS, DNS, Network, Subdomain, Vulnerability, OSINT, Dark Web, Dorking).
- For advanced modules, expand advanced toggles (ports, UDP sampling, Nmap XML export, crawling limits, user-agent, etc.).
Results
- Navigate to Results to see per-module outputs, risk hints, and links.
- Export to JSON when needed.
From the Results page, use the Export JSON action to download structured scan data for external processing or reporting pipelines.
- Network scanning permissions: Some modules require OS/network capabilities (e.g., raw sockets); run with proper privileges.
- Advanced vulnerability checks: May need external binaries (Nmap/Nuclei). Make sure they are installed and on
$PATH. - Rate-limits / Blocks: Public endpoints (WHOIS/DNS/OSINT) might throttle requests. Respect backoff and provide API keys where applicable.
For authorized testing only. Use xRec0n on assets you own or have explicit written permission to test.
Store secrets in server-side environment variables; do not hardcode credentials in templates.
Be mindful of local laws and terms of service for target systems and third-party APIs.
- API tokens integration for premium providers (e.g., Shodan, Censys)
- Optional task queue (Celery/RQ) for distributed scans
- PDF/HTML report generator
- Role-based access & user management
- Webhook callbacks for scan completion
- Container images & Helm chart
Contributions are welcome!
- Fork the repo
- Create a feature branch:
git checkout -b feat/amazing - Commit changes:
git commit -m "feat: add amazing" - Push and open a PR
Lead: mansheman
Email: abdulvivo52@gmail.com


