Skip to main content

AI-powered OSINT and security reconnaissance toolkit for Python: subdomain finder, WAF detector, JWT analyzer, breach and SPF/DMARC checker, GitHub secret scanner, and a natural-language AI agent.

Project description

reconx-py

AI-powered OSINT and security reconnaissance toolkit for Python.

A Python security reconnaissance library, command-line tool, and optional AI agent. It bundles a subdomain finder, WAF detector, JWT analyzer, email breach and SPF/DMARC checker, GitHub secret scanner, and website security audit into one package built for bug bounty, penetration testing, and OSINT workflows.

Python httpx License PRs Welcome

Overview

reconx-py provides penetration testers, bug bounty hunters, and security researchers with nine focused reconnaissance tools, exposed both as clean asynchronous Python functions and as a reconx command-line interface. Each tool works standalone with no configuration. An optional AI agent adds a natural-language layer that maps plain-English requests to the correct tool, runs it, and returns an explanation. The agent works with any OpenAI-compatible API, including OpenAI, DeepSeek, OpenRouter, and Groq.

Installation

pip install reconx-py

Optional WHOIS enrichment for the osint command:

pip install "reconx-py[whois]"

Library usage

import asyncio
from reconx import scan_website, find_subdomains, check_breach

print(asyncio.run(scan_website("example.com")))
print(asyncio.run(find_subdomains("github.com")))

Every tool returns a plain dict.

Function Description
scan_website(domain) Website security scanner. HTTP security-header audit with a graded score.
scan_github(username) GitHub secret scanner. Flags leaked API keys and credentials in public repositories.
osint_recon(domain) OSINT reconnaissance. DNS, WHOIS, and IP intelligence.
find_subdomains(domain) Subdomain finder and enumeration via Certificate Transparency logs (crt.sh).
check_breach(email) Email breach checker. Have I Been Pwned style lookup.
analyze_jwt(token) JWT analyzer and decoder with an offline security audit.
email_security(domain) SPF and DMARC checker for email spoofing protection.
waf_detect(domain) WAF and CDN detector using response fingerprinting.
brand_monitor(domain) Typosquatting and domain-impersonation finder.

All functions are asynchronous except analyze_jwt, which runs fully offline.

Command-line usage

reconx scan example.com
reconx subdomains github.com --json
reconx jwt "eyJhbGci..."
reconx email-sec github.com
reconx waf cloudflare.com

Add --json to any command for raw JSON output.

AI agent (optional)

Bring any OpenAI-compatible API key.

import asyncio
from reconx.agent import ask

asyncio.run(ask("scan example.com and explain the risks", api_key="sk-..."))
export OPENAI_API_KEY=sk-...
# For a non-OpenAI provider, also set:
# export OPENAI_BASE_URL=https://openrouter.ai/api/v1
# export OPENAI_MODEL=openai/gpt-4o-mini
reconx ask "does cloudflare.com have a WAF?"

The agent selects the correct tool, executes it, and explains the findings in plain English. Requests go only to the provider you configure.

Design notes

  • Light dependencies: httpx and dnspython only.
  • Data sources such as crt.sh and LeakCheck are free public services and can be rate-limited or briefly unavailable. Tools degrade gracefully and return a note rather than raising.
  • Set GITHUB_TOKEN to raise the GitHub API rate limit for scan_github.
  • Authorized testing only. Scan targets you own or have written permission to test.

Who it is for

Bug bounty hunters, penetration testers, red teams, and security researchers who want a scriptable Python reconnaissance toolkit, plus anyone who prefers to query an AI security assistant in plain English instead of memorizing commands.

Keywords

Python security tools, OSINT library, reconnaissance toolkit, subdomain enumeration, WAF detection, JWT decoder, email breach lookup, SPF and DMARC checker, GitHub secret scanning, typosquatting detection, bug bounty, penetration testing, AI security agent, LLM tool calling.

License

MIT. Copyright (c) 2025 Muhammad Adil.

Built by Muhammad Adil

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

reconx_py-0.1.0.tar.gz (12.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

reconx_py-0.1.0-py3-none-any.whl (18.0 kB view details)

Uploaded Python 3

File details

Details for the file reconx_py-0.1.0.tar.gz.

File metadata

  • Download URL: reconx_py-0.1.0.tar.gz
  • Upload date:
  • Size: 12.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.0

File hashes

Hashes for reconx_py-0.1.0.tar.gz
Algorithm Hash digest
SHA256 30da334fd19b6684ad1ca4e671f0c6da7bdd9616100a96ddb3e209032a35e05a
MD5 d2ae4d2c2cae02fa8c999e00a41587ba
BLAKE2b-256 ed765d721f7895850a21656768fa0432434a2d9f2d53b19b0b179c62e4dd293b

See more details on using hashes here.

File details

Details for the file reconx_py-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: reconx_py-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 18.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.0

File hashes

Hashes for reconx_py-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 54c9f88c49acf695b5f92d665dab8e87a1c5a6fef0e5716b2965fa4fec136838
MD5 4a6e7488820ed43ecf3f944910c3368c
BLAKE2b-256 81510c94de496bdccd30fe865a3f6aaf159b2530f68a372083ed2bdef9ddea24

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page