Skip to content

mamanwhide/xRec0n

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

xRec0n

xRec0n — Advanced Security Toolkit

Built with Flask Python Version License
Status OSINT Scans Supported Deploy
GitHub forks GitHub stars

Modern, Flask-powered OSINT web app for domain/IP intelligence, subdomain enumeration, vulnerability checks, dorking, and more — with multi-scan, real-time status, history.


Table of Contents


Features

  • Unified Dashboard
    • KPIs: total scans, last scan, success rate
    • Quick links and module overview
  • Multi-Scan Orchestration
    • Run one or many modules in a single request:
      • WHOIS lookup (domain/IP)
      • DNS analysis
      • Port / Basic network scan
      • Network scanner (advanced toggles)
      • Subdomain enumeration
      • Vulnerability scanner (with optional engines)
      • OSINT (social footprint)
      • Dark Web intelligence
      • Google dorking (automated)
  • Results & History
    • Full history with drill-down details per module
    • Risk level hints and helpful links
    • Export as JSON
  • Responsive Dark UI
    • Bootstrap 5 + Font Awesome
    • Clean, compact cards and badges
  • Threaded Execution
    • Scans run in background threads to keep UI responsive
  • Error Handling
    • Toast notifications, form validation, and safe defaults

Architecture

  • Framework: Flask (Jinja2 templates, blueprints/routes)
  • Persistence: SQLite (default) in instance/ (can be swapped)
  • Tasks: Python threads for non-blocking scans
  • Views: templates/ (Jinja2) + static/ (CSS/JS/assets)
  • Modules: utils/ contains scanning primitives (whois, dns, ports, subdomains, vuln, social/osint, darkweb, dorking)

Screenshots

Replace with your actual images.

  • Screenshot-1
    Dashboard
  • Screenshot-2 New Scan
  • Screenshot-3
    Results

Quick Start

1) Clone & Install

git clone https://github.com/your-org/xRec0n.git
cd xRec0n
python -m venv .venv
. .venv/bin/activate
pip install -r requirements.txt

2) Environment

Create .env in project root:

export VIRUSTOTAL_API_KEY="YOurAPIKeysHere"

3) Run

flask run
# Or:
python main.py

Then browse to: http://127.0.0.1:5000/


Folder Structure

xRec0n/
├─ app.py / main.py / routes.py / models.py   
├─ utils/                                     
│  ├─ whois.py
│  ├─ dns.py
│  ├─ ports.py
│  ├─ subdomains.py
│  ├─ vuln.py
│  ├─ social_osint.py
│  └─ darkweb.py
├─ templates/                                  
│  ├─ base.html
│  ├─ dashboard.html
│  ├─ scan.html
│  └─ results.html
├─ static/
│  ├─ css/
│  ├─ js/
│  ├─ img/                                     
├─ instance/                                  
├─ requirements.txt
├─ .env.example
└─ README.md

Usage

New Scan

  1. Enter a target (domain/IP/URL/username).
  2. Select one or more modules (WHOIS, DNS, Network, Subdomain, Vulnerability, OSINT, Dark Web, Dorking).
  3. For advanced modules, expand advanced toggles (ports, UDP sampling, Nmap XML export, crawling limits, user-agent, etc.).

Results

  • Navigate to Results to see per-module outputs, risk hints, and links.
  • Export to JSON when needed.

Exporting Results

From the Results page, use the Export JSON action to download structured scan data for external processing or reporting pipelines.


Troubleshooting

  • Network scanning permissions: Some modules require OS/network capabilities (e.g., raw sockets); run with proper privileges.
  • Advanced vulnerability checks: May need external binaries (Nmap/Nuclei). Make sure they are installed and on $PATH.
  • Rate-limits / Blocks: Public endpoints (WHOIS/DNS/OSINT) might throttle requests. Respect backoff and provide API keys where applicable.

Security & Legal

For authorized testing only. Use xRec0n on assets you own or have explicit written permission to test.

Store secrets in server-side environment variables; do not hardcode credentials in templates.

Be mindful of local laws and terms of service for target systems and third-party APIs.


Roadmap

  • API tokens integration for premium providers (e.g., Shodan, Censys)
  • Optional task queue (Celery/RQ) for distributed scans
  • PDF/HTML report generator
  • Role-based access & user management
  • Webhook callbacks for scan completion
  • Container images & Helm chart

Contributing

Contributions are welcome!

  1. Fork the repo
  2. Create a feature branch: git checkout -b feat/amazing
  3. Commit changes: git commit -m "feat: add amazing"
  4. Push and open a PR

Maintainers & Contact

Lead: mansheman
Email: abdulvivo52@gmail.com

About

xRec0n is a modern Flask-based OSINT (Open Source Intelligence) web application with multi-scan features, statistical dashboards, and integration of various automated scanners for domains, IPs, and digital footprinting.

Topics

Resources

Stars

6 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors