All, For those that may not have seen via Twitter, and don't read PaulDotCom, I'd like to share with you the release of a tool I have been working over the past several months: the Recon-ng Framework. It is based largely on the recon scripts I released at DerbyCon and Hack3rCon last year, but is a full fledged framework in the way that the Metasploit Framework is a framework. Recon-ng is written in Python and has a completely separate purpose from Metsaploit. Therefore, it does not overlap in terms of where it fits into the penetration testing methodology and provides those who enjoy coding in Python a project to contribute to. There is a lot of room for community contributions. I have added a bunch of module and enhancement ideas to the issue tracker if anyone is interested. I am very excited about this. We've been using it at Black Hills Information Security over the past several months and it has drastically increased our efficiency and effectiveness during the penetration testing process. At times, we've had valid authentication credentials for a target without ever sending a packet to the network. Please check it out and let me know what you think. I encourage any and all input, as I am not a programmer, just someone who likes to code. Thanks.
Usage and Development documentation is available on the repository wiki page. https://bitbucket.org/LaNMaSteR53/recon-ng -- Tim Tomes http://lanmaster53.com/ _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
