R3con1z3r is a free and open-source tool available on Github. R3con1z3 is one of the easiest and useful tools for performing reconnaissance on websites and web apps. The R3con1z3r tool is also available for Linux on Github. R3con1z3r is written in python language. You must have python language installed into your Kali Linux operating system. R3con1z3r provides a command-line interface that you can run on Kali Linux. This tool can be used to get information about our target(domain). We can target any domain using R3con1z3r. The interactive console of R3con1z3r provides a number of helpful features that are helpful for security researchers.
R3con1z3r is based on Open Source Intelligence (OSINT). R3con1z3r is also called a lightweight Web information-gathering tool. R3con1z3r is also used to find footprints of the target. In terms of security, footprints are called a collection of every possible information regarding the target. R3con1z3r has a number of unique features that make this tool a lightweight tool. R3con1z3r has built-in functionalities which include passive reconnaissance Whois Footprinting, DNS information, Nmap port scanner, HTTP header flag, Traceroute, Reverse Target and hyperlinks on a webpage. As this tool is a lightweight tool it generated output in HTML format after the input domain is given in the input field of the tool.
Features of R3con1z3:
- R3con1z3r is a free and open-source tool that is available on GitHub. You can go and download this tool from Github free of cost.
- R3con1z3r works and acts as a web application/website scanner. Its scans the website/web app and generated the output in HTML format.
- R3con1z3r is written in python language. You must have installed python in your Kali Linux operating system.
- R3con1z3r is a lightweight tool.
- R3con1z3r’s interactive console provides a number of helpful features.
- R3con1z3r is used for information gathering and vulnerability assessment of web applications.
- R3con1z3r is pronounced as recognizer.
- Using R3con1z3r footprinting can be conducted quickly.
- R3con1z3r has built-in functionalities such as HTTP header flag, Traceroute, Whois Footprinting, DNS information.
Uses of R3con1z3:
- For information gathering and vulnerability assessment.
- To identify footprinting.
- To get HTTP header information.
- To Find server information.
- To find routing information of the target.
- To find the information of DNS Server.
- To find vulnerabilities of closed and open ports of the target.
- To perform crawling on the target domain.
- To find hidden files on the target domain.
- To find hyperlinks to the domain target webpage.
Installation of R3con1z3r Tool
Step 1. Open your Kali Linux operating system. Move to desktop. Here you have to create a directory called R3con1z3. In this directory, you have to install the tool. To move to desktop use the following command.
Step 2. Now you are on the desktop. Here you have to create directory R3con1z3. To create R3con1z3 directory use the following command.
Step 3. You have created a directory. Now use the following command to move into that directory.
Step 4. Now you are in R3con1z3 directory. Now you have to install the pip command. Use the following command to install R3con1z3r.
sudo apt install pip
Step 5. The pip command is being installed into your system. Now to install the R3con1z3r tool use the following command.
pip install R3con1z3r
Step 6. The tool has been downloaded and installed into your system. This is the time to run the tool. To run the tool use the following command.
Example: Use the R3con1z3r tool and scan the website testphp.vulnweb.com and find out open-ports, header information, etc. First we need to set our target using the following command.
r3con1z3r -d testphp.vulnweb.com
We can see that here all the scanning has been completed and an HTML report has been generated. To view, the report uses the following command. To view the report. Go to the tool directory, and you will find the whole report.
This is the HTML file that you have to open, and you will find the following similar kind of results.
R3C0N1Z3R Report - [testphp.vulnweb.com]
HTTP header information
HTTP/1.1 200 OK
Date: Mon, 12 Apr 2021 10:55:12 GMT
Content-Type: text/html; charset=UTF-8
net/http: timeout awaiting response headers
This HTTP triggered function executed successfully.
DNS server record
A : 18.104.22.168
TXT : "google-site-verification:toEctYsulNIxgraKk7H3z58PCyz2IOCc36pIupEPmYQ"
Starting Nmap 7.70 ( https://nmap.org ) at 2021-04-12 10:55 UTC
Nmap scan report for testphp.vulnweb.com (22.214.171.124)
Host is up (0.082s latency).
rDNS record for 126.96.36.199: ec2-18-192-172-30.eu-central-1.compute.amazonaws.com
PORT STATE SERVICE
21/tcp filtered ftp
22/tcp filtered ssh
23/tcp filtered telnet
80/tcp open http
110/tcp filtered pop3
143/tcp filtered imap
443/tcp filtered https
3389/tcp filtered ms-wbt-server
Nmap done: 1 IP address (1 host up) scanned in 2.08 seconds
Website on the same server
No DNS server records found for testphp.vulnweb.com
Reverse IP Address
Example 2. Using recognizer to perform a full scan on a website to get details.
Once we set our target the tool will start full scanning of the target.
Whether you're preparing for your first job interview or aiming to upskill in this ever-evolving tech landscape, GeeksforGeeks Courses
are your key to success. We provide top-quality content at affordable prices, all geared towards accelerating your growth in a time-bound manner. Join the millions we've already empowered, and we're here to do the same for you. Don't miss out - check it out now!