Skip to content

mizazhaider-ceh/X-Recon

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

9 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

πŸ”₯ X-Recon v3.0

X-Recon Banner Python FastAPI AI Powered License

Typing SVG

πŸ›‘οΈ Elite Cybersecurity Reconnaissance Toolkit

Professional-grade security reconnaissance with AI-powered analysis and modern web interface

Created with ❀️ by Muhammad Izaz Haider

πŸš€ Quick Start β€’ ✨ Features β€’ πŸ“Έ Screenshots β€’ πŸ”§ Installation β€’ πŸ‘€ About Me


Stars Forks Issues


🎯 What is X-Recon?

X-Recon is an all-in-one cybersecurity reconnaissance toolkit designed for security professionals, penetration testers, and bug bounty hunters. It combines powerful scanning modules with an AI assistant and a sleek cyberpunk-themed web interface.

πŸ”₯ The Evolution

v1.0 β†’ CLI Tools Only
v2.0 β†’ CLI + AI Integration  
v3.0 β†’ CLI + AI + Web Dashboard ← You are here!

πŸ’‘ Why X-Recon?

πŸš€ All-in-One - No switching between tools
πŸ€– AI-Powered - Smart analysis & suggestions
🌐 Web Interface - Modern, real-time dashboard
⚑ Async - Blazing fast scans


πŸš€ Quick Start

# Clone the repository
git clone https://github.com/mizazhaider-ceh/X-Recon.git
cd X-Recon

# Install dependencies
pip install -r requirements.txt

# Set up AI (optional but recommended)
echo "CEREBRAS_API_KEY=your_api_key" > .env

# Launch X-Recon
python main.py

πŸ’‘ Select Option 1 β†’ Opens web dashboard at http://127.0.0.1:8000

⚑ One-Liner for Windows
git clone https://github.com/mizazhaider-ceh/X-Recon.git && cd X-Recon && pip install -r requirements.txt && python main.py

πŸ“ Project Structure

X-Recon/
β”œβ”€β”€ main.py                 # Main entry point
β”œβ”€β”€ server/                 # Backend server files
β”‚   β”œβ”€β”€ server.py          # FastAPI web server
β”‚   β”œβ”€β”€ server_manager.py  # Server lifecycle management
β”‚   └── config.py          # Configuration
β”œβ”€β”€ modules/               # Scan modules
β”‚   β”œβ”€β”€ port_scanner.py
β”‚   β”œβ”€β”€ subdomain_scanner.py
β”‚   β”œβ”€β”€ dir_bruteforcer.py
β”‚   β”œβ”€β”€ email_harvester.py
β”‚   β”œβ”€β”€ ai_assistant.py
β”‚   └── ...
β”œβ”€β”€ web/                   # Frontend files
β”‚   β”œβ”€β”€ index.html
β”‚   β”œβ”€β”€ css/
β”‚   └── js/
β”‚       β”œβ”€β”€ components/
β”‚       β”œβ”€β”€ api.js
β”‚       β”œβ”€β”€ router.js
β”‚       └── state.js
β”œβ”€β”€ results/               # Scan reports (HTML)
└── wordlists/            # Fuzzing wordlists

✨ Features

🌐 Web Dashboard

βœ… Real-time Terminal - Live scan output via WebSocket
βœ… Scan Controls - Start, stop, monitor scans
βœ… Command Input - Enter terminal commands directly
βœ… Session Persistence - Preserves history on refresh
βœ… Responsive Design - Works on all devices

πŸ€– AI Assistant (X-AI)

βœ… Powered by Cerebras - Llama 3.3 70B model
βœ… Context-Aware - Knows X-Recon toolkit
βœ… Syntax Highlighting - Beautiful code blocks
βœ… Quick Actions - One-click common queries
βœ… Export Chats - Download conversations


πŸ” Reconnaissance Modules

Module Description Speed
πŸš€ Port Scanner Async TCP port scanning ⚑ 1000+ ports/sec
🌐 Subdomain Scanner DNS enumeration ⚑ 500 concurrent
πŸ“ Directory Bruteforcer Web path fuzzing ⚑ 200 concurrent
πŸ“§ Email Harvester OSINT email collection πŸ” Multi-source
πŸ”Ž Service Detector Banner grabbing 🎯 Smart detection
πŸ›‘οΈ CVE Lookup Vulnerability search πŸ“Š NVD database
🧬 DNS Scanner WHOIS & DNS intel πŸ“‹ Full records
πŸ”§ Nmap Integration Advanced OS detection πŸ”¬ Deep scan

πŸ“Έ Screenshots

πŸ–₯️ CLI Interface

πŸ’» Main Menu - Command Center

CLI Main Menu

Features:

  • ASCII art banner with creator info
  • Color-coded menu options
  • Phase-based organization
  • Clean, professional terminal UI
πŸ” Scanning in Action

CLI Scanning

Features:

  • Real-time scan output
  • Progress indicators
  • Color-coded results
  • Module execution logs

🌐 Web Dashboard

πŸ“Š Dashboard - Command Center

Web Dashboard

Features:

  • Quick scan with module selection
  • Real-time terminal output
  • Interactive command input
  • Live stats and status
🎯 Scanner - Multi-Module

Web Scanner

Features:

  • Target configuration
  • Module selection with descriptions
  • One-click scan launch
  • Real-time progress tracking
πŸ€– AI Assistant - X-AI

Web AI Chat

Features:

  • Cybersecurity Q&A
  • Code syntax highlighting
  • Keyword emphasis (CVEs, tools)
  • Export conversations
  • Model selection (Llama 70B/8B)
πŸ“‹ Reports - Professional Output

Web Reports

Features:

  • HTML report viewer
  • Download & delete options
  • Sortable by date/type
  • Interactive report content

πŸ”§ Installation

Prerequisites

  • Python 3.8+
  • pip package manager
  • (Optional) Nmap for advanced scanning

Step-by-Step

# 1. Clone repository
git clone https://github.com/mizazhaider-ceh/X-Recon.git
cd X-Recon

# 2. Create virtual environment (recommended)
python -m venv venv
source venv/bin/activate  # Linux/Mac
# or: venv\Scripts\activate  # Windows

# 3. Install dependencies
pip install -r requirements.txt

# 4. Configure AI (optional but recommended)
cp .env.example .env
# Edit .env and add your Cerebras API key

# 5. Launch
python main.py

πŸ€– Get Cerebras API Key (Free!)

  1. Go to https://cloud.cerebras.ai/
  2. Sign up for free account
  3. Generate API key
  4. Add to .env file

πŸ’‘ Why Cerebras? Llama 3.3 70B at lightning speed β€” perfect for security analysis!


🎯 Usage

Web Interface (Recommended)

  1. Run python main.py
  2. Select Option 1 - Launch Web Dashboard
  3. Navigate to http://127.0.0.1:8000
  4. Go to Scanner tab
  5. Enter target and select modules
  6. Click INITIATE OFFENSIVE SCAN
  7. View real-time output in Dashboard terminal
  8. Check Reports tab for HTML results

CLI Mode

python main.py
# Select Option 2 for CLI scan
# Select Option 3 for AI Assistant

πŸ“Š Report Format

All scan results are saved as HTML reports in the results/ directory:

  • Interactive - Click to expand sections
  • Professional - Clean, modern design
  • Comprehensive - All findings with timestamps
  • Shareable - Self-contained HTML files

βš™οΈ Configuration

Environment Variables

Create a .env file:

CEREBRAS_API_KEY=your_api_key_here

Get your API key from: https://cloud.cerebras.ai/

Server Settings

Edit server/config.py:

SERVER_HOST = "127.0.0.1"
SERVER_PORT = 8000
RESULTS_DIR = "results"

πŸ›‘οΈ Security Best Practices

βœ… Legal Use Only - Only scan targets you own or have permission to test
βœ… Rate Limiting - Respect target servers
βœ… Stealth Mode - Use low-noise scanning when needed
βœ… Responsible Disclosure - Report vulnerabilities ethically


πŸ”§ Development

Adding New Modules

  1. Create modules/your_module.py
  2. Follow the template structure
  3. Add to Scanner component in web/js/components/Scanner.js
  4. Module will auto-integrate with web dashboard

Tech Stack

  • Backend: Python 3.8+, FastAPI, WebSockets
  • Frontend: Vanilla JavaScript (ES6+), HTML5, CSS3
  • AI: Cerebras Cloud SDK
  • Architecture: SPA with hash routing

πŸ“ Changelog

v3.0 (Current - February 2026)

  • βœ… Complete web dashboard overhaul
  • βœ… Real-time terminal with WebSocket streaming
  • βœ… Scan start/stop controls
  • βœ… Terminal command input
  • βœ… AI assistant with syntax highlighting
  • βœ… Model selection (Llama 70B/8B)
  • βœ… Chat export functionality
  • βœ… Quick action buttons
  • βœ… Keyword highlighting (CVEs, tools, names)
  • βœ… CSS modular architecture (14 files)
  • βœ… Session persistence
  • βœ… Professional HTML reports
  • βœ… Fixed subdomain/directory scanner bugs

v2.0

  • CLI-based scanning
  • Basic HTML reports
  • AI integration

v1.0

  • Initial release
  • Core scanning modules

🀝 Contributing

Contributions welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Submit a pull request

πŸ“„ License

MIT License - See LICENSE file for details


πŸ‘€ The Story Behind X-Recon

πŸš€ From a Pakistani Village to European Cybersecurity

"As a cybersecurity engineer, I thought: first build CLI tools, then add AI integration, then a web interface. CLI + AI + Web GUI. It took me a lot of time, but now it's done."

X-Recon started as a personal project to solve a real problem: too many scattered tools, no unified workflow. As a penetration tester, I was tired of switching between terminals, scripts, and tools. I wanted everything in one place.

πŸ“ The Journey

Phase What I Built Why
v1.0 CLI scanning modules Learn by building
v2.0 Added AI assistant Smart analysis needed
v3.0 Full web dashboard Professional workflow

πŸ’‘ Philosophy

βœ… Building over collecting certificates
βœ… Practice over theory
βœ… Real tools over endless tutorials
βœ… If I fail, the failure is mine. If I succeed, the credit belongs to Allah.

πŸ‘€ Author

Muhammad Izaz Haider

Muhammad Izaz Haider

Junior DevSecOps & AI Security Engineer @ Damno Solutions
Penetration Tester | Cybersecurity Student @ Howest University πŸ‡§πŸ‡ͺ
AI Security Researcher | Founder @ The PenTrix


πŸ‡΅πŸ‡° β†’ πŸ‡§πŸ‡ͺ From a small Pakistani village to Belgium's cybersecurity field

Built on self-learning, persistence, and faith β€” Alhamdulillah 🀲


LinkedIn GitHub Portfolio Email


🀝 Want to Build Together?

Got ideas? Found a bug? Want to contribute?

I'm always open to collaboration! Whether you want to:

  • πŸ› Report issues
  • πŸ’‘ Suggest features
  • πŸ”§ Submit pull requests
  • πŸ’¬ Just chat about cybersecurity

Reach out on LinkedIn β€” Let's build the future of security together!


⭐ Star this repo if you find it useful!

Footer

Made with ❀️ by Muhammad Izaz Haider

"Don't wait for opportunities; build them."


Visitors

About

πŸ¦β€πŸ”₯ Elite AI-Powered Reconnaissance Toolkit. Features a Cyberpunk Web Dashboard with real-time WebSocket terminal, Async Port/Subdomain scanning, and Llama 3.3-powered security analysis. A unified command center for Penetration Testers and Bug Bounty Hunters.

Topics

Resources

Stars

3 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors