{"id":13603102,"url":"https://github.com/kh4sh3i/smartrecon","last_synced_at":"2026-04-30T16:36:53.997Z","repository":{"id":56731556,"uuid":"502159183","full_name":"kh4sh3i/smartrecon","owner":"kh4sh3i","description":"smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter ","archived":false,"fork":false,"pushed_at":"2024-04-03T20:34:40.000Z","size":178,"stargazers_count":156,"open_issues_count":1,"forks_count":42,"subscribers_count":5,"default_branch":"main","last_synced_at":"2026-04-30T16:36:51.250Z","etag":null,"topics":["bug-bounty-automation","bugbounty","dnsgen","eyewitness","feroxbuster","hackerone","hacking","httprobe","httpx","massdns","penetration-testing","pentest","pentest-scripts","recon","reconnaissance","redteam","shuffledns","sqlmap","subfinder","tools"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kh4sh3i.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-10T19:31:07.000Z","updated_at":"2026-03-04T23:04:42.000Z","dependencies_parsed_at":"2024-06-21T13:12:41.149Z","dependency_job_id":"d37777fd-8d97-4a81-9ebc-0ad55f0037d5","html_url":"https://github.com/kh4sh3i/smartrecon","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/kh4sh3i/smartrecon","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kh4sh3i%2Fsmartrecon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kh4sh3i%2Fsmartrecon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kh4sh3i%2Fsmartrecon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kh4sh3i%2Fsmartrecon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kh4sh3i","download_url":"https://codeload.github.com/kh4sh3i/smartrecon/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kh4sh3i%2Fsmartrecon/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32470879,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-30T13:12:12.517Z","status":"ssl_error","status_checked_at":"2026-04-30T13:12:06.837Z","response_time":57,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bug-bounty-automation","bugbounty","dnsgen","eyewitness","feroxbuster","hackerone","hacking","httprobe","httpx","massdns","penetration-testing","pentest","pentest-scripts","recon","reconnaissance","redteam","shuffledns","sqlmap","subfinder","tools"],"created_at":"2024-08-01T18:01:50.903Z","updated_at":"2026-04-30T16:36:53.979Z","avatar_url":"https://github.com/kh4sh3i.png","language":"Shell","funding_links":[],"categories":["bugbounty"],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n  \u003cbr\u003e\n  \u003ca href=\"\"\u003e\u003cimg src=\"/img/logo.png\" alt=\"\" width=\"300px;\"\u003e\u003c/a\u003e\n  \u003cbr\u003e\n  \u003cimg src=\"https://img.shields.io/badge/PRs-welcome-blue\"\u003e\n  \u003cimg src=\"https://img.shields.io/github/last-commit/kh4sh3i/smartrecon\"\u003e \n  \u003cimg src=\"https://img.shields.io/github/commit-activity/m/kh4sh3i/smartrecon\"\u003e\n  \u003ca href=\"https://twitter.com/intent/follow?screen_name=kh4sh3i_\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/kh4sh3i_?style=flat\u0026logo=twitter\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/kh4sh3i\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/kh4sh3i?style=flat\u0026logo=github\"\u003e\u003c/a\u003e\n\u003c/h1\u003e\n\n# smartrecon\nsmartrecon is a script written in Bash, it is intended to automate some tedious tasks of reconnaissance and information gathering\n\n## Usage\n```\nsudo ./smartrecon.sh -d domain.com \u003coption\u003e\n  option:\n    -a | --alt   : Additionally permutate subdomains\t\n    -b | --brute : Basic directory bruteforce\n    -f | --fuzz  : SSRF/XSS/Nuclei/CORS/prototype fuzzing\t\n    -s | --ssrf  : SSRF fuzzing\t\n    -x | --xss   : XSS fuzzing\t  \n    -n | --nuclei: Nuclei fuzzing\t\n    -c | --cors  : Cors fuzzing\t  \n    -p | --pp    : prototype pollution fuzzing\t\n\n```\n\n## Main Features\n* Create a dated folder with recon notes\n* Grab subdomains using:\n    * subfinder, assetfinder, SonarSearch, cert.sh\n    * dnsgen , shuffledns , massdns\n* Find any CNAME records pointing to unused cloud services like aws\n* Probe for live hosts with shuffledns and fresh resolver\n* Web servers hunting [httpx] over top 50 ports\n* Grab a screenshots of responsive hosts with gowitness\n* Extract wayback import data\n* Perform naabu on specific ports\n* Perform dirsearch for all subdomains\n* find exposure data with nuclei scanner\n* find XSS, SSRF, cache poisoning vulnerability\n* send notifiaction wthi notify tools to discord,telegram,...\n* Generate a HTML report with output from the tools above\n\n\n\n## Installation \u0026 Requirements\n```\ngit clone https://github.com/kh4sh3i/smartrecon.git\ncd smartrecon\nchmod +x install.sh\n./install.sh\n```\n\n\n## Tools\n*  SonarSearch\n*  subfinder\n*  assetfinder\n*  dnsgen\n*  Fresh Resolvers\n*  shuffledns\n*  Massdns\n*  goWitness\n*  Waybackurls\n*  httpx\n*  gf\n*  interestingEXT\n*  feroxbuster\n*  naabu\n*  sqlmap-dev\n*  Unfurl\n*  nuclei\n*  dalfox\n*  ParamSpider\n*  qsreplace\n*  notify\n*  Seclists collection\n*  CorsMe\n*  ppmap\n\n\n\n\n## Vulnerability \nthis is not only recon tools ! we automate find bug for your :D\ntoday we can find below bug :\n* XSS\n* SSRF\n* data exposure\n* Broken authentication\n* cache poisoning\n* subdomain takeover\n* Cors \n* prototype pollution\n\n\n### Tips\nfor send notification you should config ($HOME/.config/notify/provider-config.yaml) with discord webhook ulr.\n\n\n## System Requirements\n* Recommended to run on vps with 1VCPU and 2GB ram.\n\n\n## Contributing\nIf you want to contribute to a project and make it better, your help is very welcome. \n\n## product Roadmap\n* add open redirect scanner\n* add sql injection scanner\n* increase performance\n* fix some bugs\n\n\n### Thanks\n* [nahamsec - Ben Sadeghipour](https://github.com/nahamsec)\n* [Tom Hudson - Tomonomnom](https://github.com/tomnomnom)\n* [Jason Haddix](https://github.com/jhaddix)\n* [ProjectDiscovery](https://github.com/projectdiscovery)\n* [Orange Cyberdefense](https://github.com/sensepost)\n* [HAHWUL](https://github.com/hahwul)\n* [Devansh Batham](https://github.com/devanshbatham)\n* [Daniel Miessler](https://github.com/danielmiessler)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkh4sh3i%2Fsmartrecon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkh4sh3i%2Fsmartrecon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkh4sh3i%2Fsmartrecon/lists"}