A modular, extensible, and powerful reconnaissance toolkit for authorized security assessments.
DemoPhantomRecon.mp4
This tool is intended for authorized security testing and educational purposes ONLY. Unauthorized access to computer systems is illegal. Always obtain written permission before scanning any target. The developers assume no liability for misuse.
| Module | Description |
|---|---|
| π DNS Enumeration | A/AAAA/MX/NS/TXT/SOA/CNAME records, zone transfer attempts |
| π Subdomain Discovery | Dictionary-based + certificate transparency + brute force |
| π Port Scanner | TCP SYN/Connect scanning, top ports, service detection |
| π·οΈ Banner Grabbing | Service fingerprinting on open ports |
| π SSL/TLS Analyzer | Certificate details, cipher suites, vulnerability checks |
| π WHOIS Lookup | Domain registration, registrar, expiration data |
| π‘ HTTP Header Analysis | Security headers, server info, cookie flags |
| π οΈ Technology Detection | CMS, frameworks, libraries, server-side tech |
| π§ Email Harvesting | Discover emails associated with target domain |
| π Directory Brute Force | Discover hidden paths, files, and directories |
| π΅οΈ OSINT Gathering | Wayback machine, social media, public data |
| π‘οΈ Vulnerability Scanner | CVE lookup, known vulnerability identification |
| π Report Generator | HTML/JSON/TXT comprehensive reports |
git clone https://github.com/michaelgregoryibizugbe/PHANTOM-RECON.git
cd phantom-recon
pip install -e .Or install dependencies manually:
pip install -r requirements.txtphantomrecon --target example.com --all --output report.htmlphantomrecon --target example.com --dns
phantomrecon --target example.com --ports --port-range 1-1000
phantomrecon --target example.com --subdomains --wordlist wordlists/subdomains.txt
phantomrecon --target example.com --whois
phantomrecon --target example.com --ssl
phantomrecon --target example.com --headers
phantomrecon --target example.com --tech
phantomrecon --target example.com --emails
phantomrecon --target example.com --dirs --wordlist wordlists/directories.txt
phantomrecon --target example.com --osint
phantomrecon --target example.com --vulns
phantomrecon --target example.com --bannersphantomrecon --target example.com --dns --ports --ssl --headers --tech -o report.jsonphantomrecon --target example.com --all --config config.yaml --threads 50 --timeout 10Engine (Orchestrator)
βββ Module Registry
βββ Thread Pool Executor
βββ Result Aggregator
βββ Report Generator
βββ HTML Report
βββ JSON Report
βββ TXT Report
- Fork the repository
- Create a feature branch (
git checkout -b feature/new-module) - Commit changes (
git commit -am 'Add new module') - Push to branch (
git push origin feature/new-module) - Open a Pull Request
MIT License β see LICENSE for details.