ReconUI - Open Source Reconnaissance (Alpha version)

About ReconUI is a simple web application that combines different recon methods to find attack surface and identify assets of the in-scope targets. When you are given a scope like * in bug bounty / vulnerability disclosure policies, it gives you a chance to find vulnerabilities in as many targets as possible. While that has its advantages, it also has its own disadvantages. Just for an example lets take Yahoo's bug bounty accepts any vulnerability under * When you start looking for bugs, you end up finding thousands of subdomains and end up getting confused on what you should look for or how you should target something. In those cases, recon tools become handy  because you can let them do the hard work and help identify possible crucial assets. However, as we (the bug bounty community) grow, multiple tools are released on GitHub that we can use. Simply running each of these tools on every scan or opening multiple terminals (despite how cool it loo… Public Launch

Background About 2 months ago, I started to code multiple different tools and brainstorm different ideas on how to make my bug bounty life easier. One of the code I wrote was a small search engine that allowed for looking up AWS bucket based on a company name. After I coded that project, I launched it publicly and announced it on Twitter: 
Soon after that, I was approached by AWS team because they liked the idea but had some questions regarding it. Overall, it was a fun experience talking with them and exchanging different ideas on how this product could be made better. During my talk with the AWS team, they raised an extremely valuable concern. This scanner is suppose to run scan every 48 hours and update the search engine accordingly but what if this was misused? When it was initially launched, it was open to everyone. This meant anyone could use it without the service monitoring who was using it. This raised a concern that what if someone uses this tool and then threatens a compan…