reconFTW: Open-source reconnaissance automation

reconFTW is an open-source tool that simplifies and automates the reconnaissance process, delivering subdomain enumeration, vulnerability assessment, and gathering intelligence about a target.

Using various techniques — such as passive and brute-force methods, permutations, certificate transparency analysis, source code scraping, analytics tracking, and DNS record analysis — reconFTW ensures comprehensive subdomain enumeration. This approach helps you uncover the most relevant and intriguing subdomains, giving you a competitive edge.

Beyond enumeration, reconFTW performs vulnerability assessments, identifying issues such as XSS, open redirects, SSRF, CRLF, LFI, SQL injection, SSL vulnerabilities, SSTI, DNS zone transfers, and more. It also integrates OSINT methods, directory fuzzing, search engine dorking, port scanning, screenshot capture, and nuclei scans.

reconFTW is available for free download on GitHub.

Must read:

• 33 open-source cybersecurity solutions you didn’t know you needed
• 20 free cybersecurity tools you might have missed
• 15 open-source cybersecurity tools you’ll wish you’d known earlier
• 20 essential open-source cybersecurity tools that save you time

I have read and agree to the terms & conditions

Leave this field empty if you're human: