Skip to main content

Cyber Recon Toolkit

Project description

Cyber Recon Toolkit

Cyber Recon Toolkit is a modular terminal-based cybersecurity and reconnaissance framework designed for network analysis, security assessment, forensic investigation, and automated reporting.


Overview

This toolkit combines multiple reconnaissance, scanning, forensic, and reporting utilities into a single integrated Python platform. It is designed for practical cybersecurity workflows, clean CLI interaction, modular expansion, and evidence-oriented reporting.


Features

Reconnaissance Modules

  • WHOIS Lookup
  • DNS Enumeration
  • Ping Sweep

Scanning Modules

  • TCP Port Scanner
  • Log Analyzer

Utility Modules

  • Hash Generator
  • Phishing URL Checker
  • Combined Report Generator

Reporting Features

  • JSON report export
  • CSV report export
  • PDF report export
  • Timestamped forensic reports
  • PDF watermarking
  • Consolidated evidence collection
  • Cross-module report aggregation

Project Structure

Cyber-Recon-Toolkit/
├── README.md
├── requirements.txt
├── run.sh
├── toolkit.py
├── reports/
├── logs/
├── modules/
│   ├── dns_enum.py
│   ├── hash_generator.py
│   ├── log_analyzer.py
│   ├── phishing_checker.py
│   ├── ping_sweep.py
│   ├── port_scanner.py
│   ├── report_generator.py
│   └── whois_lookup.py

Requirements

  • Python 3.10 or higher
  • Linux-based environment recommended
  • Tested on Kali Linux

Installation

Clone the repository:

git clone https://github.com/kvr585/Cyber-Recon-Toolkit
cd Cyber-Recon-Toolkit

Launch the toolkit:

./run.sh

The launcher automatically:

  • Creates a virtual environment (.venv)
  • Activates the environment
  • Installs required dependencies
  • Starts the toolkit

Required Python Packages

The toolkit uses the following Python packages:

  • rich
  • python-whois
  • dnspython
  • tldextract
  • requests
  • reportlab

All dependencies are already included in requirements.txt.


Running the Toolkit

Start the toolkit using:

./run.sh

Using the launcher ensures the virtual environment and dependencies are configured correctly before execution.


Main Menu

RECON
1. WHOIS Lookup
2. DNS Enumeration
3. Ping Sweep

SCANNING
4. Port Scanner
5. Log Analyzer

UTILITIES
6. Hash Generator
7. Phishing URL Checker
8. Generate Combined Report

SYSTEM
9. Exit

Module Details

WHOIS Lookup

  • Domain WHOIS lookup
  • Registrar information
  • Creation and expiration dates
  • Domain status
  • DNS nameservers
  • JSON report generation

DNS Enumeration

  • A record lookup
  • AAAA record lookup
  • MX record lookup
  • NS record lookup
  • TXT record lookup
  • CNAME discovery
  • DNS summary output
  • JSON report export

Ping Sweep

  • /24 subnet discovery
  • Multithreaded ICMP scanning
  • Live host detection
  • Scan timing
  • JSON reporting

Port Scanner

  • Multithreaded TCP port scanning
  • Custom port range support
  • Service detection
  • Basic banner grabbing
  • Progress tracking
  • Resolved target IP display
  • JSON reporting

Log Analyzer

  • Log file parsing
  • Suspicious activity detection
  • Error highlighting
  • Security event inspection
  • JSON export

Hash Generator

  • MD5 hashing
  • SHA1 hashing
  • SHA256 hashing
  • SHA512 hashing
  • Text hashing
  • File hashing
  • Hash verification
  • File integrity checks
  • JSON reporting

Phishing URL Checker

  • URL structure analysis
  • Suspicious keyword detection
  • IP-based URL detection
  • URL length analysis
  • HTTPS validation
  • Domain extraction checks

Combined Report Generator

  • Aggregates module outputs into combined JSON
  • Generates combined CSV reports
  • Produces formatted PDF reports
  • Adds forensic timestamps
  • Includes PDF watermarking
  • Allows direct report opening from toolkit

Screenshots

Main Menu

Main Menu


Port Scanner

Port Scanner


Generated PDF Report

PDF Report

PDF Report


Output and Reports

Generated reports are automatically saved inside the reports/ directory.

Supported formats include:

  • JSON
  • CSV
  • PDF

Generated reports may include:

  • Scan results
  • DNS findings
  • WHOIS information
  • Security events
  • Forensic summaries
  • Timestamps
  • Watermarked PDF exports

Educational Purpose Disclaimer

This project is intended strictly for educational, academic, and authorized security testing purposes only.

Do not use this toolkit against systems, networks, or services without proper authorization.

The developer is not responsible for misuse or unauthorized activities performed using this toolkit.


Author

Developed for cybersecurity research, network reconnaissance, and forensic reporting.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cyber_recon_toolkit-1.0.0.tar.gz (19.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cyber_recon_toolkit-1.0.0-py3-none-any.whl (23.0 kB view details)

Uploaded Python 3

File details

Details for the file cyber_recon_toolkit-1.0.0.tar.gz.

File metadata

  • Download URL: cyber_recon_toolkit-1.0.0.tar.gz
  • Upload date:
  • Size: 19.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.12

File hashes

Hashes for cyber_recon_toolkit-1.0.0.tar.gz
Algorithm Hash digest
SHA256 e0efcb813d238685547c50662ec71ef41dcd5789fed081a725a41e39a338d1f7
MD5 ac041c3735209a911ec5bc0caf6d3d20
BLAKE2b-256 043cf4491d2be231b8a3954d6b71257730751e804579655d3b99d26ea50e44f4

See more details on using hashes here.

File details

Details for the file cyber_recon_toolkit-1.0.0-py3-none-any.whl.

File metadata

File hashes

Hashes for cyber_recon_toolkit-1.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 7e22b842407d805985630f6602c4e8c740ed27116d4effa5d1172b0ee710e8b7
MD5 9ccb10772945444b9a78937b4aeb2697
BLAKE2b-256 bd0359b4e9d5eaa1c07537e1ab379a96caa1152414cd55531d186a94672a3994

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page