FinalRecon – Automatic Web Reconnaissance Tool
FinalRecon is an incredibly simple, cool tool to install. It is an automatic web reconnaissance tool that is written in Python. It provides an overview of the target in a small amount of time while maintaining the accuracy of the results. This tool is also available in Black Arch Linux and SecBSD.
FinalRecon tool provides detailed information such as :
- Header Information
- SSL Certificate Information
First clone the tool by typing the following command in your terminal,
git clone https://github.com/thewhiteh4t/FinalRecon.git
Change directory to FinalRecon by,
Then list the files by ‘ls’ to see if there are any requirements to be installed.
Install the requirements by the following command,
pip3 install -r requirements.txt
Then run the tool by the following command,
How to use:
There are various flags we can use as we can see from the above image, but here we will use the –full flag as it runs all the tests listed above.
To use the –full flag type the following command,
python3 finalrecon.py --full www.google.com
The –full flag of the tool managed to get us valuable header records, such as content-encoding technique, server information, and scripting language.
SSL Certificate Information:
FinalRecon tool also shows us the SSL certificate information such as province name, serial number and CA issuers, etc.
The image above shows an important geographical and CIDR record of the target host. The CIDR information is considered to be important in understanding the IP allocation and IP routing of the target host’s network.
The web crawling feature is not as cool as the other information gathering features. If the host is a subdomain, the tool crawls links for the parent domain instead of the target subdomain, unlike other tools.
So to conclude, FinalRecon is a tool written in Python. It saves a lot of time as it provides an overview of the target in a short amount of time while maintaining the accuracy of the results. One can use the –full flag to scan the target once instead of getting header information, SSL certificate information individually. It is an automatic web reconnaissance tool and a very powerful one.