Showing posts from May, 2013

toolsmith: Recon-ng

Prerequisites/dependencies Python interpreter-enabled system, Kali Linux utilized for this review
Introduction The community of tools and developers converges again this month as we explore Tim Tomes’ Recon-ng. Jeremy Druin, whose NOWASP Mutillidae we explored in August 2012’s toolsmith, introduced me to Tim, having recognized another great tool worthy of exploration and sharing with toolsmith nation. Recon-ng is optimized for use during the reconnaissance phase of web application penetration testing. You’ll note convergence again given that we described managing web application penetration testing phases in last month’s toolsmith regarding Redmine. Tim says it best on his Recon-ng site: “Recon-ng is not intended to compete with existing frameworks, as it is designed exclusively for web-based open source reconnaissance. If you want to exploit, use the Metasploit Framework. If you want to Social Engineer, us the Social Engineer Toolkit. If you want to conduct reconnaissance, use Recon-n…