Information Gatheringnetworkreconnaissanceenumerationmulti-threadedpenetration-testingctf

AutoRecon

Multi-threaded network reconnaissance tool which performs automated enumeration of services. Intended as a time-saving tool for CTFs and penetration testing environments.

Description

AutoRecon is a multi-threaded network reconnaissance tool that automates the enumeration of services found on multiple targets. It performs port scanning and service-specific enumeration to streamline reconnaissance tasks.

It is designed for use in CTFs, OSCP, and other penetration testing environments, and may also be useful in real-world engagements. The tool integrates various dependencies like nmap, dirsearch, gobuster, and others to handle different enumeration tasks.

AutoRecon supports concurrent scans, customizable port lists, plugin configurations, and output reporting, making it efficient for scanning IP addresses, CIDR notations, or hostnames.

How It Works

AutoRecon conducts network reconnaissance by performing port scans on targets using tools like nmap, followed by automated service enumeration with plugins such as dirb, gobuster, nikto, smbmap, and others based on discovered services. It supports TCP/UDP scanning with custom port specifications (e.g., T: for TCP, U: for UDP, B: for both), multi-threading for concurrent scans, and plugin-based workflows for tasks like directory busting, bruteforcing, and vulnerability checks. Global and plugin-specific arguments allow customization of wordlists and tools.

Installation

bash

sudo apt install autorecon

Flags

-t, --target-file TARGET_FILERead targets from file.

-p, --ports PORTSComma separated list of ports / port ranges to scan. Specify TCP/UDP ports by prepending list with T:/U: To scan both TCP/UDP, put port(s) at start or specify B: e.g. 53,T:21-25,80,U:123,B:123. Default: None

-m, --max-scans MAX_SCANSThe maximum number of concurrent scans to run.

-c CONFIG_FILEConfiguration file.

--tags TAGSTags to filter plugins.

--exclude-tags TAGSTags to exclude plugins.

--dirbuster.tool {feroxbuster,gobuster,dirsearch,ffuf,dirb}The tool to use for directory busting. Default: feroxbuster

--global.username-wordlist VALUEA wordlist of usernames, useful for bruteforcing. Default: /usr/share/seclists/Usernames/top-usernames-shortlist.txt

--global.password-wordlist VALUEA wordlist of passwords, useful for bruteforcing. Default: /usr/share/seclists/Passwords/darkweb2017-top100.txt

Examples

Display help and usage information for the tool.

autorecon -h

Scan single IP address with default settings.

autorecon 10.0.0.1

Scan CIDR range for automated port scanning and service enumeration.

autorecon 10.0.0.1/24

Scan resolvable hostname with automated enumeration.

autorecon foo.bar

Read multiple targets from a file and perform reconnaissance.

autorecon -t targets.txt

Scan specific TCP/UDP ports on target.

autorecon -p T:21-25,80,U:123 10.0.0.1

Run maximum 10 concurrent scans on CIDR range.

autorecon -m 10 10.0.0.1/24

Updated 2026-04-16kali.org ↗