Recon-ng is a true framework whose interface is modeled after the very popular and powerful Metasploit Framework. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can be conducted quickly and thoroughly.
Recon-ng is not intended to compete with any existing framework, as it was designed exclusively for web-based reconnaissance. recon-ng which can perform web-based reconnaissance and it can be used in social engineering engagements or for extracting information that exists on the web.
How to install Recon-ng ?
Discovering Contact with help of Recon-ng?
type help in the framework in order to see a list with all the available commands.
We can see that there is a command named modules.We will type that command to check the existing modules that we can use.In the next image you can see a sample of the available modules.
Here is a module called contacts_jigsaw. Jigsaw is a website similar to Linkedin that contains a large database of business contacts. So let’s say that we want to discover the contacts of a company that exists on jigsaw. We will load the module with the command load contacts_jigsaw and we will set the domain of our preference.
Discover additional Domain of same company?
we can try to use the Google module to discover additional domains of the same company. In this example I am using netcraft modules.
Recon-ng gives us also the ability to extract the results in CSV format or in an HTML file.
This tool is really simple to use and it holds every result in its database for later use.The report that generates is well formatted and if in the future additional modules will added on the framework.