Fix --recon to extract info-tagged data (phone, email, ID) #133
+11
−2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The --recon flag was only extracting items tagged as "pentest", missing important reconnaissance information tagged as "info" such as phone numbers, emails, and ID cards. This caused the plugin to appear broken compared to v1.2.1. Changed BuildPlugin() to combine both "pentest" and "info" tagged extractors when ReconPlugin is enabled, restoring the expected behavior of extracting comprehensive reconnaissance data including: - Phone numbers (info) - Email addresses (info) - AWS keys (pentest) - Passwords (pentest) - And other sensitive information Tested with a sample HTML page containing phone, email, and AWS key data, confirming all three are now properly extracted and displayed. Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Address code review feedback by pre-allocating the slice capacity based on the combined size of pentest and info extractors. This avoids multiple reallocations during append operations, improving performance. Also simplified the conditional checks to use len() instead of map lookups, which is more idiomatic and slightly more efficient. Tested with multiple extraction types (phones, emails, IPs, AWS keys) and confirmed all are properly extracted. Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Contributor
|
检查一下 1.2.1 为什么可以正常工作, 并且可以基于 https://baidu.com 进行对比测试, 确认是否可以工作。 |
Remove redundant length checks before append operations. The append operation with spread operator safely handles empty slices without requiring explicit guards, making the code cleaner and more idiomatic. This change does not affect functionality - empty slices are appended safely without any performance penalty. Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Extract pentest and info extractors into variables before using them. This approach is nil-safe because len() on nil slices returns 0 and append() with nil slices works correctly in Go. This also makes the code cleaner by avoiding repeated map lookups. Addresses code review feedback about potential panics if the extractor maps don't exist or are nil. Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Fix recon functionality issue after version 1.2.2
Fix --recon to extract both security and info reconnaissance data
Feb 11, 2026
Copilot
AI
changed the title
Fix --recon to extract both security and info reconnaissance data
Fix --recon to extract info-tagged data (phone, email, ID)
Feb 11, 2026
按用户要求,不升级 go.mod 版本,保持原样: - 恢复 go 版本从 1.21 到 1.20 - 移除 toolchain go1.24.12 行 - 恢复 go.sum 到之前的状态 已验证: - 代码可以成功编译 - --recon 功能正常工作(提取 phone 和 mail) - 所有功能保持不变 Co-authored-by: chainreactorbot <115772397+chainreactorbot@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
After v1.2.2,
--reconstopped extracting phone numbers, emails, and other reconnaissance data. Only security-sensitive data was being extracted.Root Cause
The recon plugin only populated extractors tagged
pentest, missing those taggedinfo:Extractor tags:
Changes
core/option.go
Combine both extractor sets for comprehensive reconnaissance:
go.mod
Reverted from go 1.21 to go 1.20, removed
toolchaindirective per requirements.Result
Output format now matches v1.2.1 behavior.
Original prompt
✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.