Skip to content
Related Articles
Open in App
Not now

Related Articles

FinalRecon – Automatic Web Reconnaissance Tool

Improve Article
Save Article
  • Difficulty Level : Basic
  • Last Updated : 18 Jul, 2021
Improve Article
Save Article

FinalRecon is an incredibly simple, cool tool to install. It is an automatic web reconnaissance tool that is written in Python. It provides an overview of the target in a small amount of time while maintaining the accuracy of the results. This tool is also available in Black Arch Linux and SecBSD.


FinalRecon tool provides detailed information such as :

  • Header Information
  • Whois
  • SSL Certificate Information
  • Crawler


First clone the tool by typing the following command in your terminal,

git clone

Change directory to FinalRecon by,

cd FinalRecon

Then list the files by ‘ls’ to see if there are any requirements to be installed.

Install the requirements by the following command,

pip3 install -r requirements.txt

Then run the tool by the following command,


How to use:

There are various flags we can use as we can see from the above image, but here we will use the –full flag as it runs all the tests listed above.

To use the –full flag type the following command,

python3 --full


The –full flag of the tool managed to get us valuable header records, such as content-encoding technique, server information, and scripting language. 

SSL Certificate Information:

FinalRecon tool also shows us the SSL certificate information such as province name, serial number and CA issuers, etc.

Whois Lookup:

The image above shows an important geographical and CIDR record of the target host. The CIDR information is considered to be important in understanding the IP allocation and IP routing of the target host’s network.


The web crawling feature is not as cool as the other information gathering features. If the host is a subdomain, the tool crawls links for the parent domain instead of the target subdomain, unlike other tools.


So to conclude, FinalRecon is a tool written in Python. It saves a lot of time as it provides an overview of the target in a short amount of time while maintaining the accuracy of the results. One can use the –full flag to scan the target once instead of getting header information, SSL certificate information individually. It is an automatic web reconnaissance tool and a very powerful one.

My Personal Notes arrow_drop_up
Related Articles

Start Your Coding Journey Now!