Automated recon and scanning framework for bug bounty, pentesting & red teaming.
Reconamil.sh is a modular, automated shell script built for recon and scanning:
- ✅ Subdomain enumeration (subfinder, amass)
- ✅ Port & service discovery (nmap)
- ✅ Vulnerability scanning (nikto, wpscan, nuclei)
- ✅ SMB scanning (SMBMap)
- ✅ Network discovery (netdiscover)
- ✅ Directory fuzzing (ffuf, gobuster, feroxbuster)
- ✅ FTP enumeration (nmap --script ftp*)
- ✅ HTML report & log export
- ✅ Interactive CLI menu for repeated scans
Crafted and maintained by @AmilRSV.
graph TD
A[Start] --> B{Target Provided?}
B -- Yes --> C[Show Banner]
C --> D{Recon Mode?}
D -- Yes --> E[Run subfinder & amass]
E --> F[Run nmap scan]
D -- No --> F
F --> G[Run nikto, wpscan, nuclei]
G --> H[Run SMBMap & netdiscover]
H --> I[Run ffuf, gobuster, feroxbuster, FTP enum]
I --> J[Generate HTML report]
J --> K[Show menu]
K -->|1| L[View scan log]
K -->|2| M[View HTML report]
K -->|3| N[Run again]
K -->|0| O[Exit]
- Subdomain & recon tools: subfinder, amass
- Fast port & service scan: nmap
- Vulnerability scanning: nikto, wpscan, nuclei
- SMB enumeration: SMBMap
- Network discovery: netdiscover
- Directory brute-forcing: ffuf, gobuster, feroxbuster
- FTP enumeration: nmap --script ftp*
- Clean HTML report export
- Timestamped logs in
logs/folder - Interactive CLI menu
- Checks & prompts to install missing tools automatically
nmapsubfinderamassniktowpscannucleismbmapnetdiscoverffuf,gobuster,feroxbuster
git clone https://github.com/ravisairockey/Recon-Racket.git
cd Recon-Racket
sudo bash install.shGet up and running with a single command. This will clone the repository, install all necessary dependencies, and create a symbolic link so you can run the script from anywhere.
git clone https://github.com/ravisairockey/Recon-Racket.git
cd Recon-Racket
sudo bash install.sh./Reconamil.sh -t example.com [-r] [-p ports]| Option | Description |
|---|---|
-t target |
Specify target domain or IP (required) |
-r |
Enable recon mode (subfinder, amass) |
-p ports |
Ports to scan (default: top-ports 1000) |
-h |
Show help |
./Reconamil.sh -t example.com -r -p "1-1000"Expected:
- Runs subfinder & amass
- nmap scan on ports 1–1000
- nikto, wpscan, nuclei vulnerability checks
- SMB scan & network discovery
- Directory fuzzing & FTP enum
- Saves logs:
logs/scan_TIMESTAMP.txtlogs/recon_TIMESTAMP.txtlogs/report_TIMESTAMP.html
Includes:
- Target info
- Scan results & recon output
- Vulnerability findings
- SMB & FTP checks
- Directory fuzz results
(Screenshot / template coming soon!)
Add even more tools easily:
httpxfor HTTP probingSlack / Discordnotifications- Automatic upload to dashboards
Recon-Racket/
├── Reconamil.sh
├── install.sh
├── logs/
├── docs/
└── README.md
-w /usr/share/dirbuster/wordlists/director-list-2.3-medium.txt
Pull requests welcome!
Tips:
- Keep functions modular
- Use color codes for clarity
- Always log into
logs/
MIT License
Made with ❤️ by @AmilRSV
⚔️ “Automation is the future of recon.”