Tips & Tricks
Recon is an advance target identification and information gathering tool. It is specifically designed to be used at the very first stages of the penetration testing process. The types of checks performed by Recon are passive, i.e. the tool is not trying to exploit any vulnerabilities.
Recon comes quite handy when security weaknesses needs to be identified across large infrastructures without raising any alarm bells.
Open Recon from the Launch screen or by directly typing the application url.
Enter the target URL, IP address or domain name and press the enter/return key on your keyboard.
Once you are happy with the selected targets, simply approve the warning box and click on the proceed button. Results are displayed as soon as identified. Recon performs semi-passive checks, such as virtual host identification, domain enumeration, application fingerprinting, passive vulnerability identification on the main page of all discovered applications, etc.
Identified issues are grouped in sub-categories in order to provide better experience while browsing. The generated report can be exported in a number of formats including HTML, CSV, XML and JSON.