EasyRecon is a modular, Red Team-focused web reconnaissance toolkit built with Flask and Python. It provides a web interface for common recon tasks such as WHOIS lookup, subdomain discovery, DNS lookup, HTTP header inspection, directory brute-forcing, SSL certificate info, and reverse IP lookup.
- WHOIS Lookup: Retrieve WHOIS information for any domain.
- Subdomain Finder: Discover common subdomains for a target domain.
- DNS Lookup: Get A records and other DNS info for a domain.
- HTTP Header Grabber: View HTTP response headers for any URL.
- Directory Brute Forcer: Find common directories on a web server.
- SSL Certificate Info: Inspect SSL certificate details for a domain.
- Reverse IP Lookup: Find PTR records for an IP address.
- Admin Command Execution: (For local testing only! Dangerous if exposed.)
docker build -t easyrecon .
docker run -p 5000:5000 easyreconThen open http://localhost:5000 in your browser.
pip install -r requirements.txt
python app.py/— Home/admin— Admin command execution (local only, not for production)/whois— WHOIS lookup/subdomains— Subdomain finder/dnslookup— DNS lookup/headers— HTTP header grabber/dirbrute— Directory brute forcer/sslinfo— SSL certificate info/reverseip— Reverse IP lookup
Do NOT expose this app to the public internet without removing or securing the /admin route.
This tool is for educational and authorized testing purposes only.
Developed by stanmouDev
MIT
Built for Red Teamers, penetration testers, and security researchers.