Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

R3con1z3r – Lightweight Information Gathering Tool in Kali Linux

  • Last Updated : 28 Apr, 2021

R3con1z3 is a free and open-source tool available on Github. R3con1z3 is one of the easiest and useful tools for performing reconnaissance on websites and web apps. The R3con1z3r tool is also available for Linux on Github. R3con1z3r is written in python language. You must have python language installed into your Kali Linux operating system. R3con1z3r provides a command-line interface that you can run on Kali Linux.  This tool can be used to get information about our target(domain). We can target any domain using R3con1z3. The interactive console of R3con1z3 provides a number of helpful features that are helpful for security researchers

R3con1z3 is based on Open Source Intelligence (OSINT). R3con1z3 is also called a lightweight Web information-gathering tool. R3con1z3r is also used to find footprints of the target. In terms of security, footprints are called a collection of every possible information regarding the target. R3con1z3r has a number of unique features that make this tool a lightweight tool. R3con1z3r has built-in functionalities which include passive reconnaissance Whois Footprinting, DNS information, Nmap port scanner, HTTP header flag, Traceroute, Reverse Target and hyperlinks on a webpage. As this tool is a lightweight tool it generated output in HTML format after the input domain is given in the input field of the tool.

reconizer

Features of R3con1z3:

  • R3con1z3 is a free and open-source tool that is available on GitHub. You can go and download this tool from Github free of cost.
  • R3con1z3 works and acts as a web application/website scanner. Its scans the website/web app and generated the output in HTML format.
  • R3con1z3 is written in python language. You must have installed python in your Kali Linux operating system.
  • R3con1z3 is a lightweight tool.
  • R3con1z3’s interactive console provides a number of helpful features.
  • R3con1z3 is used for information gathering and vulnerability assessment of web applications.
  • R3con1z3 is pronounced as recognizer.
  • Using R3con1z3 footprinting can be conducted quickly.
  • R3con1z3 has built-in functionalities such as  HTTP header flag, Traceroute, Whois Footprinting, DNS information.

Uses of R3con1z3:



  • For information gathering and vulnerability assessment.
  • To identify footprinting.
  • To get HTTP header information.
  • To Find server information.
  • To find routing information of the target.
  • To find the information of DNS Server.
  • To find vulnerabilities of closed and open ports of the target.
  • To perform crawling on the target domain.
  • To find hidden files on the target domain.
  • To find hyperlinks to the domain target webpage.

Installation of R3con1z3 Tool

Step 1. Open your Kali Linux operating system. Move to desktop. Here you have to create a directory called R3con1z3. In this directory, you have to install the tool. To move to desktop use the following command.

cd Desktop

change directory to desktop

Step 2. Now you are on the desktop. Here you have to create directory R3con1z3. To create R3con1z3 directory use the following command.

create a directory for R3con1z3

Step 3. You have created a directory. Now use the following command to move into that directory.

cd R3con1z3

change directory to r3con1z3

Step 4. Now you are in R3con1z3 directory. Now you have to install the pip command. Use the following command to install R3con1z3.

sudo apt install pip

installing pip



Step 5. The pip command is being installed into your system. Now to install the R3con1z3 tool use the following command.

pip install R3con1z3r

Step 6. The tool has been downloaded and installed into your system. This is the time to run the tool. To run the tool use the following command.

r3con1z3r

Example: Use the R3con1z3 tool and scan the website testphp.vulnweb.com and find out open-ports, header information, etc. First we need to set our target using the following command.

r3con1z3r -d testphp.vulnweb.com

We can see that here all the scanning has been completed and an HTML report has been generated. To view, the report uses the following command. To view the report. Go to the tool directory, and you will find the whole report.

This is the HTML file that you have to open, and you will find the following similar kind of results.

R3C0N1Z3R Report - [testphp.vulnweb.com]
HTTP header information
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Mon, 12 Apr 2021 10:55:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
Content-Encoding: gzip
Trace Route
net/http: timeout awaiting response headers
Whois Information
This HTTP triggered function executed successfully.
DNS server record
A : 18.192.172.30
TXT : "google-site-verification:toEctYsulNIxgraKk7H3z58PCyz2IOCc36pIupEPmYQ"
Starting Nmap 7.70 ( https://nmap.org ) at 2021-04-12 10:55 UTC
Nmap scan report for testphp.vulnweb.com (18.192.172.30)
Host is up (0.082s latency).
rDNS record for 18.192.172.30: ec2-18-192-172-30.eu-central-1.compute.amazonaws.com
PORT     STATE    SERVICE
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
80/tcp   open     http
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  filtered https
3389/tcp filtered ms-wbt-server
Nmap done: 1 IP address (1 host up) scanned in 2.08 seconds
Website on the same server
No DNS server records found for testphp.vulnweb.com
Reverse IP Address
antivirus1.vulnweb.com
ec2-18-192-172-30.eu-central-1.compute.amazonaws.com
odincovo.vulnweb.com
testhtml5.vulnweb.com
testphp.vulnweb.com
tetphp.vulnweb.com
virus.vulnweb.com
viruswall.vulnweb.com
vulnweb.com
www.test.php.vulnweb.com
www.virus.vulnweb.com
www.vulnweb.com
Page Links
https://www.acunetix.com/
https://www.acunetix.com/vulnerability-scanner/
http://www.acunetix.com
https://www.acunetix.com/vulnerability-scanner/php-security-scanner/
https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/
http://www.eclectasy.com/Fractal-Explorer/index.html
http://www.acunetix.com

Example 2. Using recogniser to perform a full scan on a website to get details.

Once we set our target the tool will start full scanning of the target.




My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!