Tool:: Ultimate Web Recon
UltimateWebRecon :: Download
https://github.com/yehgdotnet/Web-Recon
UltimateWebRecon :: Intro
With the prevalence of frame-busting scripts or X-Frame-Options header, our web-based Recon page is likely to be unusable soon in the future. So, we've coded a small Windows-based application that does the same.
UltimateWebRecon :: Minimum System Requirement
- Microsoft .NET Framework 4+
http://www.microsoft.com/en-us/download/details.aspx?id=17718
UltimateWebRecon :: Database Update
- Select Help > Update Database.
UltimateWebRecon :: Program Update
- The application should detect automatically at next launch after database update.
UltimateWebRecon :: Database Structure
The application uses an XML data file reconDb.xml which contains a list of common web resources that we use in our daily penetration testing projects. You can examine the file's XML tag and attribute structure to add your own favorite URLs under classified categories. An example goes like this:
<link name="Shodan" value="http://www.shodanhq.com/?q=%s" compatible="yes" ontextfield="" />
compatible (yes|no) - If it's set to 'Yes', it means the site is compatible with the IE rendering engine of the application. And the application will load the site.
ontextfield (string) - text field input ID or name of site page. Once the page is loaded, Query text value of the application will be copied into the site page text field input so that you do not need type it. This is applicable for those sites that allows only HTTP POST request. This feature may not be reliable at all times due to time out triggered by long loading time of multiple page elements like js, css, ...etc.all - fill query string in all input text fields. We may update the application to support POST-based request in the future but not for now.
UltimateWebRecon :: License
Ultimate Web Recon is under Freeware license. Permission is granted for use at your own risk.
UltimateWebRecon :: Legality
To comply with each web site's Terms of Service, the program does not/will not have automated query feature. It is designed to assist in human's manual research and analysis of information to be gathered.
https://github.com/yehgdotnet/Web-Recon
UltimateWebRecon :: Intro
With the prevalence of frame-busting scripts or X-Frame-Options header, our web-based Recon page is likely to be unusable soon in the future. So, we've coded a small Windows-based application that does the same.
UltimateWebRecon :: Minimum System Requirement
- Microsoft .NET Framework 4+
http://www.microsoft.com/en-us/download/details.aspx?id=17718
UltimateWebRecon :: Database Update
- Select Help > Update Database.
UltimateWebRecon :: Program Update
- The application should detect automatically at next launch after database update.
UltimateWebRecon :: Database Structure
The application uses an XML data file reconDb.xml which contains a list of common web resources that we use in our daily penetration testing projects. You can examine the file's XML tag and attribute structure to add your own favorite URLs under classified categories. An example goes like this:
<link name="Shodan" value="http://www.shodanhq.com/?q=%s" compatible="yes" ontextfield="" />
compatible (yes|no) - If it's set to 'Yes', it means the site is compatible with the IE rendering engine of the application. And the application will load the site.
ontextfield (string) - text field input ID or name of site page. Once the page is loaded, Query text value of the application will be copied into the site page text field input so that you do not need type it. This is applicable for those sites that allows only HTTP POST request. This feature may not be reliable at all times due to time out triggered by long loading time of multiple page elements like js, css, ...etc.all - fill query string in all input text fields. We may update the application to support POST-based request in the future but not for now.
UltimateWebRecon :: License
Ultimate Web Recon is under Freeware license. Permission is granted for use at your own risk.
UltimateWebRecon :: Legality
To comply with each web site's Terms of Service, the program does not/will not have automated query feature. It is designed to assist in human's manual research and analysis of information to be gathered.
