← 返回命令列表

Linux command

recon-ng 命令

文本

复制后可按需替换文件名、目录或参数。

常用示例

Start recon-ng

recon-ng

Create or load a workspace

recon-ng -w [workspace_name]

List available modules

marketplace search

Install a module

marketplace install [module_name]

Load a module

modules load [module_name]

Show module options

options list

Run the loaded module

run

说明

recon-ng is a modular reconnaissance framework for gathering open-source intelligence (OSINT). Designed with a Metasploit-like interface, it provides a familiar workflow for security professionals conducting the information-gathering phase of assessments. The framework uses workspaces to organize reconnaissance projects, with each workspace maintaining its own database of collected data (domains, hosts, contacts, credentials, etc.). Modules can query this data and add new findings, building comprehensive intelligence profiles. Modules cover various reconnaissance categories: discovery (subdomain enumeration, port scanning), recon (WHOIS, DNS records, social media), import (data ingestion), and reporting (HTML, JSON, Excel exports). Many modules integrate with external APIs (Shodan, VirusTotal, HaveIBeenPwned) requiring API keys.

参数

-w _workspace_
Create or load the specified workspace
-r _resource_
Execute resource file (automation script)
--no-analytics
Disable anonymous usage tracking
--no-version
Disable version check at startup
--no-marketplace
Disable remote marketplace access
--stealth
Disable all passive network requests made by the framework itself
--accessible
Use accessible output where available
-h, --help
Display help message

FAQ

What is the recon-ng command used for?

recon-ng is a modular reconnaissance framework for gathering open-source intelligence (OSINT). Designed with a Metasploit-like interface, it provides a familiar workflow for security professionals conducting the information-gathering phase of assessments. The framework uses workspaces to organize reconnaissance projects, with each workspace maintaining its own database of collected data (domains, hosts, contacts, credentials, etc.). Modules can query this data and add new findings, building comprehensive intelligence profiles. Modules cover various reconnaissance categories: discovery (subdomain enumeration, port scanning), recon (WHOIS, DNS records, social media), import (data ingestion), and reporting (HTML, JSON, Excel exports). Many modules integrate with external APIs (Shodan, VirusTotal, HaveIBeenPwned) requiring API keys.

How do I run a basic recon-ng example?

Run `recon-ng` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does -w _workspace_ do in recon-ng?

Create or load the specified workspace