Recon-ng: A full tutorial from noob to pro [Updated 2024]


Hey, there guys, In this post, you will learn what is recon-ng and how to work with the tool from scratch and you should just follow the upcoming steps to become a pro in recon-ng. All the best my friend ????


What is recon-ng

Recon-ng is a reconnaissance tool and it is one of the powerful recon tools that exist in the modern world and I personally love this tool and do you, just comment down if you love it…

The tool has almost got every feature in it and simply we could say the tool is an all-rounder. The tool is in a command-line interface and the results can also be viewed in web format.

COOL is it

When I first worked with the tool, I said is it was a copy of Metasploit? Because the interface is much similar but not complicated as Metasploit.

Also Read: Installing custom kali is very easy


Who developed the tool❓

The tool was written by this guy ????, His name is Tim Tomes and I should really thank him and the contributors to the tool. The author seems to be an introvert and here are his social links????????.

To download recon-ng just enter sudo apt-get install recon-ng

What all the recon-ng can do

  • Interactive Help
  • Command Completion
  • Database Interaction
  • Shell Commands
  • Spooling Activity
  • Recording Commands
  • Configuration Persistence
  • Global Options
  • Workspaces
  • Module Marketplace
  • Module Searching
  • Smart Loading
  • Database Snapshots
  • Restricted Context
  • Module Details
  • Data Sources
  • Third Party Modules
  • Methodology Driven
  • Automation
  • Analysis and Reporting
  • Analytics


Some use full commands in recon-ng

  1. back: Exits the current context
  2. dashboard: Displays a summary of activity
  3. db: Interfaces with the workspace’s database
  4. exit: Exits the framework
  5. help: Displays this menu
  6. index: Creates a module index (dev only)
  7. keys: Manages third-party resource credentials
  8. marketplace: Interfaces with the module marketplace
  9. modules: Interfaces with installed modules
  10. options: Manages the current context options
  11. pdb: Starts a Python Debugger session (dev only)
  12. script: Records and executes command scripts
  13. shell: Executes shell commands
  14. show: Shows various framework items
  15. snapshots: Manages workspace snapshots
  16. spool: Spools output to a file
  17. workspaces: Manages workspaces

There are much more commands and if you want more familiarity just watch my youtube video on recon-ng and the video is at the top of the page.

How to use recon-ng

Follow the below steps and examples to become a noob to pro in the recon-ng tool and If you have any doubt just comment down below and I’m ready to help you…


In this example let’s see about workspaces. let’s create, list, load and remove a workspace. Workspaces are where you can work on your project.


Let’s create a workspace, the command is

workspaces create moulik

instead of moulik, you add you workspace

workspace recon-ng


Let’s list the created workspaces, to list enter this command ????????

workspaces list
workspaces recon-ng

So here are the created workspaces and we listed them, by default there will be always a default workspace.


Let’s load the moulik workspace, to load any workspace enter ????????

workspaces load moulik

Instead of moulik add the workspaces name you wanna load

workspaces load moulik
workspaces recon-ng load


To remove workspaces just enter ????????

workspaces remove moulik
workspace recon-ng

You see we have removed the moulik workspaces and to check we removed just do

workspaces list


Let’s do a snapshot. Snapshot is taking a snap of your work


To do a snapshot enter this command ????????

snapshots take moulik

Instead of moulik keep the name you wish



Let’s list the snapshots

snapshots list 
recon-ng snapshot


Let’s load the snapshot

To load snapshots do this command ????????

snapshots load snapshot_20210911034707.db

Instead of the snapshot enter the snapshot file you wanna enter

snapshot recon-ng


To remove snapshots do this command

snapshots remove snapshot_20210911034707.db
snapshots recon-ng


To see a summary of your activity enter


Here is the command to check for your work activity ????????

dashboard recon-ng


Executing a shell


To execute a shell enter

shell sh 

Instead of sh, you enter whatever shell you want Iam entering Bourne shell



pdb is a debugger


To start a debugger just do this command

pdb recon-ng


Interfaces with the workspace’s database, Let’s do a schema, insert, delete, query, notes etc…


Firstly let’s enter ???????? to find the workspaces related database in a good box format

db schema

Once you do db schema you see all this information in box format


db recon-ng


Now let’s add an insert port,

To insert something in db just enter

db insert ports

Instead of port you could enter whatever you want.


To delete any rows enter

db delete hosts

Instead of host enter what you wanna delete and once you give this command it asks for the no of command in rows to delete like this ????????

db delete


Let’s add notes in db

Do this ???????? specify the tables and then enter the rows and the enter the change

db notes ports
db notes


Here is where we could know the information of the module.


Gathering information on all installed modules

index all
indes recon-ng


Now, let’s index a specific module here it will be

index import/masscan



In the marketplace, we are going to install, remove, search, info, refresh and let’s see about the marketplace.

In the marketplace, we can install all recon tools. Most of the recon tools are available in the marketplace but some tools will have some errors.


Let’s search for a tool, to search just enter

marketplace search 
marketplace recon-ng


Let’s search for a specific tool, to search a specific tool enter this command ????????

marketplace search dns
marketplace recon-ng

Instead of DNS you enter whatever you want, you could enter nmap, or any other tool you search for…


Okay, now let’s install the searched tool, to install any tool enter this command ????????

marketplace install recon/companies-domains/whoxy_dns

Instead of recon/companies-domains/whoxy_dns enter the tool you wanna install



To remove any installed tool enter

marketplace remove  recon/companies-domains/whoxy_dns 

The installed tool will be in modules, Next, let’s see what is modules…



The installed tool in the marketplace will be in these modules, In modules let’s see how to search, load, reload…


Now, let’s check for the installed tool in the marketplace, the tool will be saved in modules and to look for it do

Modules search 


To load the module just enter ????????

module load recon/domains-contacts/whois_pocs

Instead of recon/domains-contacts/whois_pocs enter the tool you wanna load

Now it is loaded, let’s give info


Now let’s do info and look at the loaded module,


In the source, there is, Instead of we are entering to set the SOURCE to let’s enter this ????????


Changing target

options unset SOURCE 

Now we have unset the target, see the SOURCE there is nothing


To add the target simply enter ????????

options set SOURCE

Now the new target is set


To run the set target just give



Now, we move on to keys, You should have noticed at the marketplace some tools asking for API keys.

So, to add the API key follow these steps…


Firstly you should install a tool that has API key dependency and once installed. Do this command and see what all tools require keys

keys list

So, I have installed these tools ???? which requires API and one tool has API key.


To add an API key just follow my steps ????????

keys add builtwith_api 00000000000000000000000000000

Instead of buitwith_api add the tool you want, you could add whoxy_api, shodan_api and so on…


To remove an API key do it ????????

keys remove builtwith_api 0000000000000000000000000000000


The show command shows the various frameworks


The show commands show all the frameworks existing


Now to see any framework just enter ????????

show companies

Instead of companies, you could enter the frameworks that exist there on the above pic

Also Read: Parsero information gathering tool

Also Read: Hping3 full tutorial

2 thoughts on “Recon-ng: A full tutorial from noob to pro [Updated 2024]”

Comments are closed.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top