Recon-Final adalah skrip bash sederhana untuk melakukan passive reconnaissance OSINT. Tool ini dirancang untuk membantu pengumpulan informasi pasif tentang domain target tanpa melakukan scanning agresif.
Use Case: Ideal untuk investigasi penipuan, audit keamanan, atau inventarisasi aset domain secara legal dan etis.
| Modul | Deskripsi |
|---|---|
| WHOIS/RDAP | Lookup informasi registrasi domain |
| DNS Enumeration | Query lengkap (NS, SOA, A, CNAME, TXT, dll) |
| Certificate Transparency | Pencarian subdomain via crt.sh |
| TLS Certificate | Dump sertifikat SSL/TLS |
| Web Content | Fetch halaman umum (index, robots.txt, privacy policy) |
| Subdomain Discovery | Menggunakan Amass (passive) dan Subfinder |
| IP Resolution | Resolve semua subdomain ke IP address |
| IP WHOIS | Lookup informasi pemilik IP ranges |
| Error Handling | Continue-on-error untuk tool yang tidak tersedia |
- OS: Linux (direkomendasikan Kali Linux)
- Bash: Version 4.0+
- Tools Dasar: whois, dig, curl, openssl
# Update system
root@kali:~$ sudo apt update
# Install dependencies dasar
root@kali:~$ sudo apt install -y whois dnsutils curl openssl amass
# Install Subfinder (opsional)
root@kali:~$ sudo apt install -y golang
GO111MODULE=on go install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
root@kali:~$ sudo cp ~/go/bin/subfinder /usr/local/bin/# Beri hak eksekusi
root@kali:~$ chmod +x recon-final.sh
# Cara 1: Dengan argumen domain
root@kali:~$ ./recon-final.sh example.comroot@kali:~$ ./recon-final.sh example.com
*******************************************************************
* _____ ___ ____ _ _ ____ ____ _____ _____ __ ___ *
* ( _ )/ __)(_ _)( \( )(_ _) (_ _)( _ )( _ )( ) / __) *
* )(_)( \__ \ _)(_ ) ( )( )( )(_)( )(_)( )(__ \__ \ *
* (_____)(___/(____)(_)\_) (__) (__) (_____)(_____)(____)(___/ *
* *
* by h3x4z0r *
*******************************************************************
[2025-10-10T13:27:15-04:00] Starting passive recon for example.com
[2025-10-10T13:27:15-04:00] Added Go bin to PATH: /root/go/bin
[2025-10-10T13:27:15-04:00] FOUND: whois -> /usr/bin/whois
[2025-10-10T13:27:15-04:00] FOUND: rdap -> /usr/bin/rdap
[2025-10-10T13:27:15-04:00] FOUND: dig -> /usr/bin/dig
[2025-10-10T13:27:15-04:00] FOUND: amass -> /usr/bin/amass
[2025-10-10T13:27:15-04:00] FOUND: subfinder -> /root/go/bin/subfinder
[2025-10-10T13:27:15-04:00] FOUND: curl -> /usr/bin/curl
[2025-10-10T13:27:15-04:00] FOUND: openssl -> /usr/bin/openssl
[2025-10-10T13:27:15-04:00] Running whois...Dibuat dengan ❤️ untuk komunitas OSINT dan keamanan siber