Skip to content
/ nullsec-recon Public

NullSec recon security toolkit - discord.gg/killers

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bad-antics/nullsec-recon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
go
go
 
 
README.md
README.md
 
 
TECHNIQUES.md
TECHNIQUES.md
 
 

Repository files navigation

🔍 NullSec Recon

Advanced Reconnaissance & OSINT Toolkit

Discord GitHub License

Go Python TypeScript

    ███▄    █  █    ██  ██▓     ██▓      ██████ ▓█████  ▄████▄  
    ██ ▀█   █  ██  ▓██▒▓██▒    ▓██▒    ▒██    ▒ ▓█   ▀ ▒██▀ ▀█  
   ▓██  ▀█ ██▒▓██  ▒██░▒██░    ▒██░    ░ ▓██▄   ▒███   ▒▓█    ▄ 
   ▓██▒  ▐▌██▒▓▓█  ░██░▒██░    ▒██░      ▒   ██▒▒▓█  ▄ ▒▓▓▄ ▄██▒
   ▒██░   ▓██░▒▒█████▓ ░██████▒░██████▒▒██████▒▒░▒████▒▒ ▓███▀ ░
   ░ ▒░   ▒ ▒ ░▒▓▒ ▒ ▒ ░ ▒░▓  ░░ ▒░▓  ░▒ ▒▓▒ ▒ ░░░ ▒░ ░░ ░▒ ▒  ░
     ░    ░    ░   ░   ░         ░            ░   ░   ░        
   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
   █░░░░░░░░░░░░░░░░░░ R E C O N ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
                       bad-antics

🔓 Join discord.gg/killers for premium features!

🎯 Features

Tool Language Description Free Premium
subfinder Go Fast subdomain discovery 🔥
dnsrecon Go DNS enumeration & zone transfer 🔥
wayback Python Wayback Machine scraper 🔥
gitscan Go GitHub/GitLab secret scanner 🔥
emailhunter Python Email address harvester 🔥
techdetect Go Technology stack detector 🔥

📁 Structure

nullsec-recon/
├── go/
│   ├── subfinder/       # Subdomain enumeration
│   ├── dnsrecon/        # DNS reconnaissance
│   ├── techdetect/      # Tech stack detection
│   └── gitscan/         # Git repository scanner
├── python/
│   ├── wayback.py       # Wayback Machine scraper
│   ├── emailhunter.py   # Email harvester
│   ├── whois_lookup.py  # WHOIS information
│   └── shodan_search.py # Shodan integration
└── scripts/
    ├── full_recon.sh    # Complete recon automation
    └── report_gen.py    # Report generator

🚀 Quick Start

# Subdomain enumeration
./subfinder -d example.com -o subdomains.txt

# DNS reconnaissance
./dnsrecon -d example.com --all

# Wayback URLs
python3 wayback.py -d example.com -o urls.txt

# Full automated recon
./scripts/full_recon.sh example.com

🔧 Tool Details

subfinder (Go) - Subdomain Discovery

Sources:

  • Certificate Transparency (crt.sh)
  • DNS bruteforce
  • Search engines (Google, Bing, Yahoo)
  • VirusTotal, SecurityTrails
  • Web archives
# Basic enumeration
./subfinder -d target.com

# With custom wordlist
./subfinder -d target.com -w subdomains.txt

# Multiple sources
./subfinder -d target.com --all -o results.txt

# JSON output
./subfinder -d target.com -json | jq

techdetect (Go) - Technology Detection

Detects:

  • Web frameworks (React, Angular, Vue)
  • CMS (WordPress, Drupal, Joomla)
  • Web servers (nginx, Apache, IIS)
  • Programming languages
  • CDN providers
  • Analytics/tracking
# Scan single URL
./techdetect -u https://example.com

# Scan list of URLs
./techdetect -l urls.txt -o tech_report.json

⚠️ Legal Disclaimer

For authorized security testing only. Only perform reconnaissance on systems you have permission to test.

NullSec Framework | GitHub | Discord

About

NullSec recon security toolkit - discord.gg/killers

Topics

osint bug-bounty pentesting information-gathering security-tools reconnaissance hacking-tools subdomain-enumeration asset-discovery recon-tools nullsec

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages