Skip to content

osmankaankars/GhostRecon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
modules
modules
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
config.json
config.json
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

👻 Ghost Recon: Enterprise OSINT Framework

Status Python License

Architected for Speed, Stealth & Precision.
Ghost Recon is a modular reconnaissance framework designed to automate the discovery of attack surfaces with advanced visualization and reporting.

🚀 Key Features

  • 🌐 Interactive Network Topology: Visualizes target infrastructure nodes and IP relationships using vis.js graph algorithms.
  • 🥷 Stealth Mode: Built-in evasion techniques (Random User-Agents, smart delays) to bypass WAFs (Akamai, Cloudflare).
  • 🔄 Auto-Update System: Automatically fetches the latest subdomain wordlists (SecLists) on startup.
  • 📸 Visual Intelligence: Automated screenshotting of live assets using headless browsers (Playwright).
  • 📊 Enterprise Dashboard: Responsive HTML reports with DataTables, Charts, and real-time Risk Scoring.
  • 🛡️ Vulnerability Detection:
    • Subdomain Takeover signatures (AWS, Heroku, etc.).
    • Sensitive File Fuzzing (.env, .git, config.php).
    • Login Portal Hunter.

🛠️ Architecture

The framework follows a clean, modular design:

  • modules/scanner.py — Core async scanning and reconnaissance engine
  • modules/reporter.py — HTML/JS report and dashboard generator
  • config.json — External configuration for signatures, thresholds, and runtime settings

📦 Installation

git clone https://github.com/osmankaankars/GhostRecon.git
cd GhostRecon
pip install -r requirements.txt
playwright install chromium

🎮 Usage

1️⃣ Standard Scan (Fast)

Ideal for quick reconnaissance and surface discovery.

python main.py target.com

2️⃣ Stealth Mode (OPSEC Safe)

Slower, low-noise scanning to reduce detection risk.

python main.py target.com --stealth

3️⃣ Update Resources

Force-update external wordlists and signatures.

python main.py target.com --update

🚧 Roadmap (Active Development)

  • Asyncio Migration: Full migration from ThreadPool to asyncio for ~10x performance gain.
  • API Integration: Native integration with Shodan & Censys APIs.
  • AI Analysis: LLM-based automated risk scoring and asset classification.

⚠️ Disclaimer

This framework is designed strictly for educational and authorized security testing purposes.
Unauthorized use against systems you do not own or have explicit permission to test is prohibited.

About

Enterprise-grade OSINT & Reconnaissance framework. Features interactive network topology mapping, WAF-bypassing stealth modes, and automated visual intelligence (Screenshotting) for attack surface discovery.

Topics

visualization python osint cybersecurity pentesting security-tools reconnaissance red-teaming subdomain-enumeration playwright

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages