Recon is an essential element of any penetration testing. This repository contain a powerful shell script to maximize the recon and data collection process of an objective. With this script you can easily find:
- Sensitive information disclosure.
- Open S3 buckets.
- Subdomain takeovers.
- Open ports and services.
- Endpoints.
- Directories.
- Other quick bugs.
The author of this document take no responsibility for correctness. This project is merely here to help guide security researchers towards determining whether something is vulnerable or not, but does not guarantee accuracy. Warning: This code was originally created for personal use, it generates a substantial amount of traffic, please use with caution.
- Sublist3r
- Assetfinder
- httprobe
- curl
- relative-url-extractor
- Nmap
- Aquatone
- Dirb
./magicRecon.sh <domain>
- Special Thanks to Mohd Shibli for his great contributions in the article Fasten your Recon process using Shell Scripting
- If you've earned a bug bounty using this tool, please consider donating to support it's development. You can help me to develop more useful tools. Thanks 😍
