Open In App

Reconspider – Most Advanced Open Source Intelligence (OSINT) Framework

Last Updated : 21 Jul, 2021
Like Article

ReconSpider can be used by information security researchers, penetration testers, bug hunters, and cybercrime detectives to gather extensive information on their target. It is the most powerful open-source intelligence (OSINT) platform for scanning IP addresses, emails, websites, and organizations to extract information from various sources.


Step 1: Simply clone the Github repository to get ReconSpider. To effectively configure this tool, we first need to download it from the Github page using the commands listed below.

cd reconspider
git clone

Step 2: Check that both python3 and python3-pip are installed on your system.

sudo apt install python3 python3-pip

Step 3: When you clone and verify your Python installation, you will see a directory called reconspider. Now we navigate to the directory and run the command below to install this utility.

cd reconspider
sudo python3 install

Creating API Keys and Adding Them

Before we can use this tool, we’ll need certain API keys. The APIs that we are currently using in this tool are listed below.

Shodan API: Create an account with Shodan and activate it. Copy the key and paste it into the file in the modules directory once you’ve logged in.

Ipstack: Create an account with Ipstack and activate it. Copy the secret API key and paste it into the file in the modules directory once you’ve logged in.

Gmap API:  Gmap requires you to create an account and activate it. After logging in, click the [+ Generate New API Key] box, copy the key, and paste it into the modules directory’s file.


Now that we have completed all the settings and installation, we can use the Python program to launch this utility.


Enumerate IP Address: This option collects all information about a specific IP address from publicly available sources.

ReconSpider >> 1
IP >>

Domain Enumeration: Now we will try to get more information about the specific website. To do this, we’ll type “2” and then it will present us with all the features we can use.

Reconspider >> 2
HOST (URL / IP) >>
PORT >>   

Nslookup: By providing the name of the website, an attacker can obtain a domain name or IP address mapping, or other DNS records.

Domain >> 3
[+]Fetching Details...

CMS Detection: We can use this approach to determine the platform the website is built on, and if a component or version is vulnerable, we can attack it.

Domain>> 4

PortScan: This application provides port scanning features which can be useful for novices who want to perform port scanning against a live website.

Domain >> 5
1. Scan Default Ports (22-443)
2. Enter Custom Range
3. Back to Main Menu
>> 1

PHONE NUMBER: You may use this option to get information on a certain phone number.

Reconspider >> 3

METADATA: You can use this option to remove the entire metadata of the file.

Reconspider >> 5

REVERSE IMAGE SEARCH: This option enables you to access information and images comparable to those found on the internet.

Reconspider >> 6

HONEYPOT: You can use this option to find honeypots! A “HoneyScore” number that can vary from 0.0 to 1.0 represents the probability that an IP address is a honeypot.

Reconspider >> 7

MAC ADDRESS LOOKUP: This option enables you to determine the manufacturer, address, country, and other information of a Mac address.

Reconspider >> 8

IPHEATMAP: If you link all of the supplied IP locations with the correct Coordinator, you’ll get a heatmap of the specified IP or single IP.

Reconspider >> 9
    1) Trace single IP
    2) Trace multiple IPs

Crawling: Crawling is the process through which search engines dispatch a group of robots to look for fresh and updated material.

Domain >> 11

UPDATE: You can use this option to check for updates. If a new version becomes available, ReconSpider will download and integrate the changes into the current directory without overwriting any existing data.

ReconSpider >> 99
Checking for updates..

EXIT: This option allows you to exit the ReconSpider framework and return to your current operating system’s terminal.

ReconSpider >> 0
Bye, See ya again..

Similar Reads

Maryam v1.4.0 - Open-source Intelligence(OSINT) Framework
Maryam v1.4.0 is a free and open-source tool available on GitHub. Maryam is based upon Open Source Intelligence (OSINT), the easiest and useful tool for reconnaissance. Maryam interface is very similar to Metasploit 1 and Metasploit 2. Maryam provides a command-line interface that you can run on Kali Linux. This tool can be used to get information
2 min read
IRIS - Open-source intelligence framework
IRIS tool is an automated tool used for extracting information through OSINT means, IRIS is an open-source OSINT framework that includes modules for obtaining data on a target domain or individual through scraping web pages and extracting information from APIs. IRIS tool consists of lots of modules that can collect much more information about the t
2 min read
OSRFramework - Open Source Research Framework on Linux
OSINT is the most common method or technique for collecting information about the target domain or employee of the organization from open-source or publicly available data. Mostly malicious hackers use this technique in the attacks of Social Engineering, Phishing, etc. But on the good side, We can use this OSINT technique or understanding the scope
3 min read
Maryam - Perfect OSINT Framework
OSINT techniques are used to collect the data from publicly possible sources like Social Media Platforms etc. There are various ways to collect information. There are some automated tools that make the task easier. Maryam tool is one of the best tools which is been designed by the OWASP team and has the potential to collect information from open so
3 min read
SpiderFoot – A Automate OSINT Framework in Kali Linux
Spiderfoot is a free and open-source tool available on Github. This tool is a framework written in the python programming language. You must have python installed in your Kali Linux operating system to use this framework. Spiderfoot is used for reconnaissance. Spiderfoot uses different modules for information gathering. Spiderfoot is capable enough
5 min read
Katana Framework - Hacking Framework in Kali Linux
The Katana Framework is a free and open-source tool available on GitHub. This is a framework similar to Metasploitable 1 and Metasploitable 2, which makes it easy to use. The katana framework is written in python. This means you must have python installed in your Kali Linux operating system. This framework is developed to make penetration testing e
2 min read
TIDoS-Framework - Offensive Web Application Penetration Testing Framework
Being a penetration tester, you must have worked with Metasploit Framework for different attacks and information gathering. TIDoS Framework is quite similar to Metasploit Framework; Tidos Framework is an open-source toolkit that is free to use. This toolkit provides all major web application tests like Scanning of Target, Enumeration process, and V
8 min read
Lockdoor Framework - Penetration Testing Framework With Cyber Security Resources
Finding an automated tool that can perform all the phases of work in single integration is very difficult. So Lookdoor Framework is an automated tool that can help the security researchers, penetration testers, and bug bounty hunters to fund the information about the target domain and also enumerate the target domain. Lookdoor Framework tool is dev
3 min read
Sniffing with Xerosploit – An Advanced MITM Framework
Xerosploit is an open-source framework that makes it easy to perform man-in-the-middle (MITM) attacks on networks you have access to. The goal of an MITM attack is to get between two parties communicating and intercept or even alter their communications without them realizing it. The key advantage of Xerosploit is it automates many complex MITM att
6 min read
Cansina - Open Source Hidden Content Discovery Tool on Linux
Reconnaissance is one of the first steps to conduct within a pen test engagement. During this stage, information is gathered using different tools and sources. Some web applications may hide web resources from the public, there is however a way to discover the hidden content. This hidden content can contain some sensitive data about the internal ar
4 min read