./BACK_TO_PROJECTS
Offensive SecurityInternship Project

Automated Reconnaissance Framework

A multi-threaded Pentesting Suite that consolidates network scanning, OSINT gathering, and payload generation into a single automated pipeline.

Scanning Architecture

01. Network Discovery

Sweeps IP ranges using socket connections to identify live hosts and open ports (80, 443, 22, 21).

MODULE: IP_SCANNER● RUNNING
Target: 192.168.1.0/24 → 5 Hosts Found
MODULE: SUBDOMAINACTIVE
Found: admin.example.com, test.example.com

02. OSINT Enrichment

Enumerates subdomains and extracts carrier/location data from phone numbers to build a target profile.

03. Asset Generation

Automatically generates wordlists, passwords, and QR/Barcodes for social engineering or brute-force testing.

OUTPUTSAVED
scan_results.csv, wordlist.txt

Multi-Threaded Engine

To drastically reduce scan times, I implemented a threading model that allows network scans, OSINT checks, and file generation to execute concurrently.

Python
ReconAutomation.py (Worker Thread)
def worker(task, args):
    if task == "ip_scanner":
        ip_range, ports = args
        live_hosts = []
        # Concurrent IP Scanning
        for ip in ipaddress.IPv4Network(ip_range, strict=False):
            if is_host_live(str(ip)):
                print(f"Host {ip} is live.")
                live_hosts.append(str(ip))
        
        # Trigger Port Scan on Live Hosts
        for host in live_hosts:
            scan_ports(host, ports)

    elif task == "subdomain_checker":
        check_subdomain(args[0], args[1])
        
    elif task == "phone_info":
        info = phone_info(args[0])
        print(f"Country: {info['Country']}, Carrier: {info['Carrier']}")

Tool Arsenal

Network Recon

SocketIPAddressThreading

OSINT Modules

RequestsPhonenumbersSubdomain Enum

Utilities

CSVBarcode/QRRandom

Capabilities

8+
Modules
Multi
Threaded
CSV
Reporting
100%
Python
View Source on GitHub