A lightweight, high-speed passive reconnaissance and web intelligence gathering tool written in Python. ShadowRecon extracts critical server details, maps subdomains, visualizes DNS architecture, and generates active search intelligence vectors without making intrusive connections to the target infrastructure.
- Infrastructure Fingerprinting: Extracts HTTP header insights, featuring modern TLS verification bypasses and firewall/CDN detection protocols.
- Subdomain Mapping: Queries high-availability public intelligence log sources to map unique exposed subdomains seamlessly.
- DNS Intelligence Visualization: Automatically enumerates and categorizes target domain DNS records including A, MX, NS, and TXT mapping.
- Automated Intelligence Dorking: Generates precise Google Dork links targeting configuration files, database backups, admin portals, and exposed sensitive documentation.
- Clean HTML Reporting: Compiles all captured operational insights into a standalone, dark-themed cyber reconnaissance static web report (
recon_report.html).
- Clone the repository and navigate to the project directory:
git clone https://github.com/fzirp/ShadowRecon.git
cd ShadowReconInstall the required network dependencies:
pip install -r requirements.txtRun the reconnaissance engine:
python shadow_recon.py๐ Sample Output The execution pipeline generates a professional standalone interactive summary dashboard tracking subdomains, raw DNS layers, technology stacks, and operational intelligence vectors.