ReNgine - Reconnaissance Tool
reNgine is an open source reconnaissance tool that automates the intel gathering [1]also known as information gathering process for penetration testers. reNgine is primarily focused on gathering information for web applications. reNgine uses various open source tools, streamlines the recon process using highly configurable YAML based Scan Engines[2].
| Developer(s) | Yogesh Ojha |
|---|---|
| Initial release | July 2020[3] |
| Stable release | 1.0[3]
/ 15 August 2021 |
| Repository | https://github.com/yogeshojha/rengine |
| Written in | Python |
| Engine | |
| Type | Security |
| License | GPL |
Search ReNgine - Reconnaissance Tool on Amazon.
As a reconnaissance framework, reNgine is capable of performing[4]
- Subdomain Discovery
- Port Scanning
- Fetching Endpoints
- Vulnerability Scan
- OSINT (Employees, Emails) Discovery
- Directory Bruteforce
reNgine is available under the GNU General Public License.
Recon Data Correlation[edit]
reNgine uses various open-source tools under the hood to perform recon[5] and does data correlation on top of the results produced by the various tool. Due to this Recon Data Correlation, it is possible to display results produced by the various tools and establish relationships between them. For example, reNgine uses Subfinder[6] as a tool to gather subdomains and uses Naabu[7] to perform Port Scan, reNgine uses these tools via Scan Engines[2] and once the results from both tools are produced, reNgine will perform data correlation and will be able to display scan results in Tabular Format. Similarly, reNgine will perform various Reconnaissance like Subdomain Discovery, Port Scanning, Endpoint gathering, OSINT, Vulnerability Scan and does a correlation of the results from these various Reconnaissance process.
Features[5][edit]
- Perform Recon: Subdomain Discovery, Ports Discovery, Endpoints Discovery, Directory Bruteforce, Screenshot gathering
- IP Discovery, CNAME discovery, Vulnerability scan using Nuclei
- Ability to Automatically report Vulnerabilities to Hackerone
- Support for Parallel Scans
- Recon Data visualization
- Highly configurable scan engines
- OSINT Capabilities (Meta info Gathering, Employees Gathering, Email Address with option to look password in leaked database, dorks etc)
- Customizable Alerts/Notification on Slack, Discord and Telegram
- Perform Advanced Query lookup using natural language alike and, or, not operations
- Support for Recon Notes and Todos
- Support for Clocked Scans (Run reconnaissance exactly at X Hours and Y minutes) and Periodic Scans (Runs reconnaissance every X minutes/hours/days/week)
- Proxy Support
- Screenshot Gallery with Filters
- Powerful recon data filtering with autosuggestions
- Recon Data changes, finds new/removed subdomains/endpoints
- Support for tagging targets into Organization
- Ability to identify Interesting Subdomains
- Support for custom GF patterns and custom Nuclei Templates
- Support for editing tool-related configuration files (Nuclei, Subfinder, Naabu, amass)
- Ability to Mark Important Subdomains
- Interoperable with other tools, Import/Export Subdomains/Endpoints
- Option to send scan data directly to discord
References[edit]
- ↑ "ReNgine: Open source recon tool automates intel-gathering process for pen testers". The Daily Swig | Cybersecurity news and views. 2020-10-20. Retrieved 2021-08-15.
- ↑ 2.0 2.1 "Scan Engines - reNgine Documentation". rengine.wiki. Retrieved 2021-08-15.
- ↑ 3.0 3.1 "Release v0.1". Retrieved 2021-08-15.
- ↑ "Scan Engines - reNgine Documentation". rengine.wiki. Retrieved 2021-08-15.
- ↑ 5.0 5.1 "GitHub - yogeshojha/rengine: reNgine is a reconnaissance engine(framework) that does end-to-end reconnaissance with the help of highly configurable scan engines and does information gathering about the target web application. reNgine makes use of various open-source tools and makes a configurable pipeline of reconnaissance". GitHub. Retrieved 2021-08-15.
- ↑ "GitHub - project discovery/subfinder: Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing". GitHub. Retrieved 2021-08-15.
- ↑ "GitHub - project discovery/naabu: A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests". GitHub. Retrieved 2021-08-15.
"ReNgine: Open source recon tool automates intel-gathering process for pen testers". Unknown parameter |url-status= ignored (help)
This article "ReNgine - Reconnaissance Tool" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:ReNgine - Reconnaissance Tool. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.
