-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Advanced Web Reconnaissance Framework by VIPHACKER100 For Ethical Hackers | Bug Bounty Hunters | Penetration Testers
__ _______ _____ _____
\ \ / /_ _| __ \| __ \
\ \ / / | | | |__) | |__) |___ ___ ___ _ __
\ \/ / | | | ___/| _ // _ \/ __/ _ \| '_ \
\ / _| |_| | | | \ \ __/ (_| (_) | | | |
\/ |_____|_| |_| \_\___|\___\___/|_| |_|
[ VIPHACKER100 ] β Hack Ethically.
- Overview
- Features
- Installation
- Usage
- Modules
- Output & Reports
- Configuration
- Changelog
- Ethical Use Policy
- Author
VIPRecon is a modular, Python-powered web reconnaissance framework built for security researchers, bug bounty hunters, and penetration testers operating on authorized targets only.
Developed under the VIPHACKER100 brand, VIPRecon consolidates seven critical recon phases into a single CLI workflow β eliminating the need to juggle multiple scattered tools during an engagement.
Whether you're performing pre-assessment reconnaissance for a bug bounty program or mapping an attack surface during an authorized pentest, VIPRecon gives you structured, actionable intelligence β fast.
| Attribute | Details |
|---|---|
| Language | Python 3.6+ |
| Platform | Linux / Kali Linux / Termux / macOS |
| Type | CLI Tool |
| License | MIT |
| Author | VIPHACKER100 (Aryan Ahirwar) |
| Status | Active Development |
- 7 Recon Modules in a unified CLI pipeline
- Colorized terminal output with hacker-aesthetic formatting
- JSON / TXT report generation per scan session
- Modular execution β run all modules or cherry-pick specific ones
- Passive & Active modes for stealth vs. speed tradeoffs
- Scope guard β built-in authorization prompts before scanning
- Low dependency footprint β runs on Python 3.6+ without heavy setup
- Kali Linux & Termux compatible
Python >= 3.6
pip3
git# Clone the repository
git clone https://github.com/VIPHACKER100/VIPRecon.git
cd VIPRecon
# Install dependencies
pip3 install -r requirements.txtsudo apt update && sudo apt install python3 python3-pip git -y
git clone https://github.com/VIPHACKER100/VIPRecon.git
cd VIPRecon
pip3 install -r requirements.txtpkg update && pkg install python git -y
git clone https://github.com/VIPHACKER100/VIPRecon.git
cd VIPRecon
pip3 install -r requirements.txtpython3 viprecon.py -t <target> [options]| Flag | Description |
|---|---|
-t, --target
|
Target domain or IP (e.g. example.com) |
-m, --module
|
Run a specific module (e.g. dns, ports) |
-a, --all
|
Run all recon modules sequentially |
-o, --output
|
Save results to file (JSON/TXT) |
-p, --passive
|
Passive mode (no direct target requests) |
-v, --verbose
|
Verbose output |
--timeout |
Request timeout in seconds (default: 10) |
# Run full recon on a target
python3 viprecon.py -t example.com --all
# Run only DNS enumeration
python3 viprecon.py -t example.com -m dns
# Run port scan and save output
python3 viprecon.py -t example.com -m ports -o results.json
# Passive recon with verbose output
python3 viprecon.py -t example.com --all -p -v
# Tech fingerprinting + header analysis
python3 viprecon.py -t example.com -m tech -m headersVIPRecon is built around 7 core recon modules, each targeting a distinct layer of a web target's attack surface.
Module flag: -m dns
Performs comprehensive DNS reconnaissance to map the target's domain infrastructure.
Capabilities:
- A, AAAA, MX, NS, TXT, CNAME, SOA record extraction
- Subdomain bruteforce using a built-in wordlist
- Zone transfer attempt (AXFR)
- Reverse DNS lookup on discovered IPs
- SPF / DMARC misconfiguration detection
python3 viprecon.py -t example.com -m dnsSample Output:
[+] A Record β 93.184.216.34
[+] MX Record β mail.example.com
[+] Subdomain β dev.example.com [LIVE]
[+] Subdomain β staging.example.com [LIVE]
[!] Zone Transfer β FAILED (expected)
[!] SPF β No SPF record found β possible email spoofing risk
Module flag: -m ports
Identifies open ports and service banners on the target host.
Capabilities:
- Top 1000 common port scan
- Full 0β65535 sweep (with
--full-portflag) - Service version detection
- Banner grabbing
- Common risky service detection (FTP, Telnet, RDP, etc.)
python3 viprecon.py -t example.com -m portsSample Output:
[+] 22/tcp OPEN β OpenSSH 8.9p1 Ubuntu
[+] 80/tcp OPEN β Apache httpd 2.4.52
[+] 443/tcp OPEN β nginx/1.18.0
[!] 21/tcp OPEN β vsftpd 3.0.3 [RISKY β FTP open]
Module flag: -m tech
Fingerprints the target's web stack and third-party services.
Capabilities:
- CMS detection (WordPress, Joomla, Drupal, etc.)
- Web server identification
- Backend language detection (PHP, Python, Node.js, etc.)
- CDN detection (Cloudflare, Akamai, AWS CloudFront)
- JavaScript framework detection (React, Angular, Vue)
- Version disclosure checks
python3 viprecon.py -t example.com -m techSample Output:
[+] Web Server β Apache/2.4.52
[+] CMS β WordPress 6.2 [Outdated]
[+] Language β PHP/8.1.2
[+] CDN β Cloudflare
[!] Version β WordPress version exposed in meta generator tag
Module flag: -m headers
Audits HTTP response headers for security misconfigurations aligned with OWASP best practices.
Capabilities:
- Strict-Transport-Security (HSTS) check
- Content-Security-Policy (CSP) evaluation
- X-Frame-Options detection
- X-Content-Type-Options check
- Referrer-Policy audit
- Permissions-Policy analysis
- Server version disclosure detection
- Cookie security flags (Secure, HttpOnly, SameSite)
python3 viprecon.py -t example.com -m headersSample Output:
[β] HSTS β Present
[β] Content-Security-Policy β MISSING [HIGH RISK]
[β] X-Frame-Options β MISSING [Clickjacking possible]
[β] X-Content-Type-Options β nosniff
[!] Server Header β Apache/2.4.52 β version disclosed
Module flag: -m content
Discovers hidden files, directories, endpoints, and sensitive paths on the target.
Capabilities:
- Directory bruteforce with common wordlists
- Backup file detection (
.bak,.old,.zip,.tar.gz) - Admin panel discovery (
/admin,/dashboard,/wp-admin, etc.) - Config file exposure check (
/.env,/config.php,/wp-config.php) - Git/SVN repository exposure (
.git/,.svn/) - Sitemap and robots.txt analysis
python3 viprecon.py -t example.com -m contentSample Output:
[+] /robots.txt β Found [Disallowed: /admin, /private]
[+] /sitemap.xml β Found
[!] /.env β Found [CRITICAL β ENV file exposed]
[!] /.git/ β Found [Git repo exposed β source leak risk]
[+] /admin β 302 Redirect β /admin/login
Module flag: -m vulns
Performs lightweight, non-intrusive checks for common web vulnerabilities relevant to bug bounty programs.
Capabilities:
- Open redirect detection
- Reflected XSS probe (basic payload test)
- SQL error heuristics (error-based SQLi indicators)
- CORS misconfiguration check
- Clickjacking vulnerability test
- SSRF-prone parameter detection
- Sensitive info in page source (API keys, tokens)
β οΈ Note: All checks are performed using safe, non-destructive payloads. Full exploitation is outside the scope of this module.
python3 viprecon.py -t example.com -m vulnsSample Output:
[!] CORS β Wildcard (*) origin allowed [MEDIUM]
[!] Redirect β /redirect?url= parameter β possible open redirect
[+] XSS Probe β No reflection detected on tested params
[!] Source Scan β Possible API key pattern found in /assets/app.js
Module flag: -m js
Extracts and analyzes JavaScript files for hidden endpoints, API keys, and sensitive data.
Capabilities:
- Inline and external JS file enumeration
- Endpoint / API route extraction
- Hardcoded secret detection (API keys, tokens, passwords)
- Third-party service detection (Firebase, Stripe, AWS, etc.)
- Source map file detection
- Webpack bundle analysis
python3 viprecon.py -t example.com -m jsSample Output:
[+] JS File β /assets/main.bundle.js [547KB]
[+] Endpoint β /api/v1/users
[+] Endpoint β /api/v1/admin/settings [INTERESTING]
[!] Secret β AWS Access Key pattern detected in main.bundle.js
[!] Source Map β /assets/main.bundle.js.map β source exposure risk
VIPRecon saves a structured report after each scan session.
| Format | Flag | Description |
|---|---|---|
| TXT | -o report.txt |
Plain text, human-readable |
| JSON | -o report.json |
Structured data for automation/APIs |
VIPRecon/
βββ output/
βββ example.com_2025-05-29/
βββ dns_results.txt
βββ port_results.txt
βββ tech_results.txt
βββ headers_results.txt
βββ content_results.txt
βββ vulns_results.txt
βββ js_results.txt
βββ full_report.json
The config.py file allows customization of tool behavior:
# config.py
TIMEOUT = 10 # Request timeout in seconds
THREADS = 20 # Concurrent threads
WORDLIST_DIR = "wordlists/" # Path to directory wordlists
USER_AGENT = "VIPRecon/1.0 (VIPHACKER100)"
OUTPUT_DIR = "output/"
MAX_REDIRECTS = 5
PASSIVE_MODE = False # Set True to skip active requests- 7 core recon modules deployed
- CLI argument parsing via
argparse - JSON + TXT output support
- Colorized terminal output
- Scope guard authorization prompt
- Kali Linux & Termux compatibility
VIPRecon is built for AUTHORIZED use only.
By using this tool, you agree to the following:
- You have explicit written permission to test the target system.
- You will not use this tool against systems you do not own or have authorization to test.
- You will comply with all applicable local and international laws.
- You accept full responsibility for any use or misuse of this tool.
This tool is intended for:
- Bug bounty programs (HackerOne, Bugcrowd, Intigriti, etc.)
- Authorized penetration testing engagements
- CTF (Capture The Flag) challenges
- Security research in lab/controlled environments
Unauthorized use is illegal and unethical. The author bears no responsibility for misuse.
| Field | Details |
|---|---|
| Name | Aryan Ahirwar |
| Alias | VIPHACKER100 |
| Focus | Ethical Hacking Β· Bug Bounty Β· Penetration Testing |
| Stack | Python Β· Kali Linux Β· OWASP Β· Bug Bounty Platforms |
| GitHub | github.com/VIPHACKER100 |
| Web | viphacker100.com |
"Hack the system. Respect the rules. Report ethically." β VIPHACKER100