From 2c7c14ec2731d2f5a8e1597705b79a9e6c09f376 Mon Sep 17 00:00:00 2001
From: thewhiteh4t
Date: Sat, 18 May 2024 21:50:51 +0530
Subject: [PATCH] readme updated
---
README.md | 121 ++++++++++++++++++++++--------------------------------
1 file changed, 49 insertions(+), 72 deletions(-)
diff --git a/README.md b/README.md
index efbad14..b1159a3 100644
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ FinalRecon is an all in one **automatic web reconnaissance** tool written in pyt
-## Featured
+## Featured On
### Python For OSINT
* Hakin9 April 2020
@@ -66,25 +66,21 @@ FinalRecon provides detailed information such as :
* Links from Wayback Machine from Last 1 Year
* DNS Enumeration
- * A, AAAA, ANY, CNAME, MX, NS, SOA, TXT Records
+ * Over 40 types of Records are queried
* DMARC Records
* Subdomain Enumeration
* Data Sources
- * BuffOver
* crt.sh
- * ThreatCrowd
* AnubisDB
* ThreatMiner
- * Facebook Certificate Transparency API
- * Auth Token is Required for this source, read Configuration below
- * VirusTotal
- * API Key is Required
- * Shodan
- * API Key is Required
* CertSpotter
+ * Facebook (API)
+ * VirusTotal (API)
+ * Shodan (API)
+ * BeVigil (API)
-* Directory Searching
+* Directory Enumeration
* Support for File Extensions
* Wayback Machine
@@ -104,71 +100,56 @@ FinalRecon provides detailed information such as :
### API Keys
Some Modules Use API Keys to fetch data from different resources, these are optional, if you are not using an API key, they will be simply skipped.
-If you are interested in using these resources you can store your API key in **keys.json** file.
-`Path --> $HOME/.config/finalrecon/keys.json`
-
-If you don't want to use a key for a certain data source just set its value to `null`, by default values of all available data sources are null.
-
-#### Facebook Developers API
-
-This data source is used to fetch **Certificate Transparency** data which is used in **Sub Domain Enumeration**
-
-Key Format : `APP-ID|APP-SECRET`
-
-Example :
-
-```
-{
- "facebook": "9go1kx9icpua5cm|20yhraldrxt6fi6z43r3a6ci2vckkst3"
-}
-```
-
-Read More : https://developers.facebook.com/docs/facebook-login/access-tokens
-
-#### VirusTotal API
-
-This data source is used to fetch **Sub Domains** which are used in **Sub Domain Enumeration**
-
-Key Format : `KEY`
-
-Example :
+You can use **`-k`** to add the keys which will be saved in config directory automatically
-```
-{
- "virustotal": "eu4zc5f0skv15fnw54nkhj4m26zbteh9409aklpxhfpp68s8d4l63pn13rsojt9y"
-}
-```
-
-#### Shodan API
-
-This data source is used to fetch **Sub Domains** which are used in **Sub Domain Enumeration**
-
-Key Format : `KEY`
+```bash
+# Usage
+python3 finalrecon.py -k '@'
-Example :
+Valid Keys : 'bevigil', 'facebook', 'shodan', 'virustotal'
-```
-{
- "shodan": "eu4zc5f0skv15fnw54nkhj"
-}
+# Example :
+python3 finalrecon.py -k 'shodan@kl32lcdqwcdfv'
```
-#### BeVigil API
+`Path --> $HOME/.config/finalrecon/keys.json`
-This data source is used to fetch **Sub Domains** which are used in **Sub Domain Enumeration**
+| Source | Module | Link |
+|--------|--------|------|
+| Facebook | Sub Domain Enum | https://developers.facebook.com/docs/facebook-login/access-tokens |
+| VirusTotal | Sub Domain Enum | https://www.virustotal.com/gui/my-apikey |
+| Shodan | Sub Domain Enum | https://developer.shodan.io/api/requirements |
+| BeVigil | Sub Domain Enum | https://bevigil.com/osint-api |
-Key Format : `KEY`
+### JSON Config File
-Example :
+Default config file is available at `~/.config/finalrecon/config.json`
-```
+```json
{
- "bevigil": "bteh9409aklpxhfpp68s8d"
+ "common": {
+ "timeout": 30
+ },
+ "ssl_cert": {
+ "ssl_port": 443
+ },
+ "port_scan": {
+ "threads": 50
+ },
+ "dir_enum": {
+ "threads": 50,
+ "redirect": false,
+ "verify_ssl": false,
+ "dns_server": "8.8.8.8, 8.8.4.4, 1.1.1.1, 1.0.0.1",
+ "extension": ""
+ },
+ "export": {
+ "format": "txt"
+ }
}
```
-
## Tested on
* Kali Linux
@@ -228,19 +209,11 @@ And then use `finalrecon` to start your scan.
## Usage
```bash
-usage: finalrecon.py [-h] [--headers] [--sslinfo] [--whois] [--crawl]
- [--dns] [--sub] [--dir] [--wayback] [--ps]
- [--full] [-dt DT] [-pt PT] [-T T] [-w W] [-r]
- [-s] [-sp SP] [-d D] [-e E] [-o O]
- url
-
-FinalRecon - The Last Web Recon Tool You Will Need | v1.1.5
-
-positional arguments:
- url Target URL
+FinalRecon - All in One Web Recon | v1.1.6
options:
-h, --help show this help message and exit
+ --url URL Target URL
--headers Header Information
--sslinfo SSL Certificate Information
--whois Whois Lookup
@@ -253,6 +226,7 @@ options:
--full Full Recon
Extra Options:
+ -nb Hide Banner
-dt DT Number of threads for directory enum [ Default : 30 ]
-pt PT Number of threads for port scan [ Default : 50 ]
-T T Request Timeout [ Default : 30.0 ]
@@ -264,6 +238,9 @@ Extra Options:
-d D Custom DNS Servers [ Default : 1.1.1.1 ]
-e E File Extensions [ Example : txt, xml, php ]
-o O Export Format [ Default : txt ]
+ -cd CD Change export directory [ Default :
+ ~/.local/share/finalrecon ]
+ -k K Add API key [ Example : shodan@key ]
```
```bash