## ๐ต๏ธ Recon-ng Cheatsheet
Recon-ng is a powerful web reconnaissance framework with a modular structure, similar to Metasploit.
##
## ๐งฐ Installation & Setup
| Command | Description |
|---|---|
sudo apt install recon-ng |
Install Recon-ng on Debian/Ubuntu. |
git clone https://github.com/lanmaster53/recon-ng.git && cd recon-ng && pip install -r REQUIREMENTS |
Manual installation from GitHub. |
recon-ng |
Launch the Recon-ng console. |
## โ๏ธ Workspace Management
| Command | Description |
|---|---|
workspaces |
List all existing workspaces. |
workspaces create <name> |
Create a new workspace. |
workspaces select <name> |
Switch to an existing workspace. |
workspaces delete <name> |
Delete a workspace. |
## ๐ฅ Importing Data
| Command | Description |
|---|---|
db insert domains <domain> |
Insert a domain into the database. |
db insert hosts <host> |
Insert a host into the database. |
db insert companies <name> |
Insert a company into the database. |
db import <file> |
Import data from a CSV file. |
## ๐ฆ Module Management
| Command | Description |
|---|---|
modules search <keyword> |
Search for modules by keyword. |
modules load <module path> |
Load a specific module. |
modules reload |
Reload all modules. |
show modules |
List all available modules. |
## โ๏ธ Running Modules
| Command | Description |
|---|---|
use <module> |
Load a module (e.g., use recon/domains-hosts/bing_domain_web). |
show options |
Show options required by the current module. |
set <option> <value> |
Set a value for a module option. |
run |
Execute the loaded module. |
## ๐ Common Recon Modules
| Module | Description |
|---|---|
recon/domains-hosts/bing_domain_web |
Find hosts using Bing search engine. |
recon/domains-vulnerabilities/xssed |
Find XSS vulnerabilities. |
recon/domains-contacts/whois_pocs |
Get contact info from Whois records. |
recon/hosts-hosts/resolve |
Resolve hostnames to IP addresses. |
recon/hosts-ports/shodan_hostname |
Get open ports via Shodan. |
recon/hosts-domains/reverse_resolve |
Reverse resolve IP addresses to hostnames. |
## ๐ค Exporting Data
| Command | Description |
|---|---|
show tables |
Show data tables in the workspace. |
select * from <table> |
View data in a specific table. |
export csv <filename> |
Export data to a CSV file. |
report html <filename> |
Generate a full HTML report. |
## ๐ Other Useful Commands
| Command | Description |
|---|---|
keys add <service> <key> |
Add an API key for a service. |
keys list |
List added API keys. |
marketplace search <term> |
Search for external modules. |
help |
Show help information. |
exit |
Exit Recon-ng. |
## ๐งช Example Workflow
# Start Recon-ng
recon-ng
# Create and use a workspace
workspaces create test
workspaces select test
# Add a domain and run a module
db insert domains example.com
use recon/domains-hosts/bing_domain_web
set SOURCE example.com
run
# Export results
show tables
select * from hosts
export csv example_hosts.csv