AI-powered OSINT and security reconnaissance toolkit for Python: subdomain finder, WAF detector, JWT analyzer, breach and SPF/DMARC checker, GitHub secret scanner, and a natural-language AI agent.
Project description
reconx-py
AI-powered OSINT and security reconnaissance toolkit for Python.
A Python security reconnaissance library, command-line tool, and optional AI agent. It bundles a subdomain finder, WAF detector, JWT analyzer, email breach and SPF/DMARC checker, GitHub secret scanner, and website security audit into one package built for bug bounty, penetration testing, and OSINT workflows.
Overview
reconx-py provides penetration testers, bug bounty hunters, and security researchers with nine focused reconnaissance tools, exposed both as clean asynchronous Python functions and as a reconx command-line interface. Each tool works standalone with no configuration. An optional AI agent adds a natural-language layer that maps plain-English requests to the correct tool, runs it, and returns an explanation. The agent works with any OpenAI-compatible API, including OpenAI, DeepSeek, OpenRouter, and Groq.
Installation
pip install reconx-py
Optional WHOIS enrichment for the osint command:
pip install "reconx-py[whois]"
Library usage
import asyncio
from reconx import scan_website, find_subdomains, check_breach
print(asyncio.run(scan_website("example.com")))
print(asyncio.run(find_subdomains("github.com")))
Every tool returns a plain dict.
| Function | Description |
|---|---|
scan_website(domain) |
Website security scanner. HTTP security-header audit with a graded score. |
scan_github(username) |
GitHub secret scanner. Flags leaked API keys and credentials in public repositories. |
osint_recon(domain) |
OSINT reconnaissance. DNS, WHOIS, and IP intelligence. |
find_subdomains(domain) |
Subdomain finder and enumeration via Certificate Transparency logs (crt.sh). |
check_breach(email) |
Email breach checker. Have I Been Pwned style lookup. |
analyze_jwt(token) |
JWT analyzer and decoder with an offline security audit. |
email_security(domain) |
SPF and DMARC checker for email spoofing protection. |
waf_detect(domain) |
WAF and CDN detector using response fingerprinting. |
brand_monitor(domain) |
Typosquatting and domain-impersonation finder. |
All functions are asynchronous except analyze_jwt, which runs fully offline.
Command-line usage
reconx scan example.com
reconx subdomains github.com --json
reconx jwt "eyJhbGci..."
reconx email-sec github.com
reconx waf cloudflare.com
Add --json to any command for raw JSON output.
AI agent (optional)
Bring any OpenAI-compatible API key.
import asyncio
from reconx.agent import ask
asyncio.run(ask("scan example.com and explain the risks", api_key="sk-..."))
export OPENAI_API_KEY=sk-...
# For a non-OpenAI provider, also set:
# export OPENAI_BASE_URL=https://openrouter.ai/api/v1
# export OPENAI_MODEL=openai/gpt-4o-mini
reconx ask "does cloudflare.com have a WAF?"
The agent selects the correct tool, executes it, and explains the findings in plain English. Requests go only to the provider you configure.
Design notes
- Light dependencies:
httpxanddnspythononly. - Data sources such as crt.sh and LeakCheck are free public services and can be rate-limited or briefly unavailable. Tools degrade gracefully and return a note rather than raising.
- Set
GITHUB_TOKENto raise the GitHub API rate limit forscan_github. - Authorized testing only. Scan targets you own or have written permission to test.
Who it is for
Bug bounty hunters, penetration testers, red teams, and security researchers who want a scriptable Python reconnaissance toolkit, plus anyone who prefers to query an AI security assistant in plain English instead of memorizing commands.
Keywords
Python security tools, OSINT library, reconnaissance toolkit, subdomain enumeration, WAF detection, JWT decoder, email breach lookup, SPF and DMARC checker, GitHub secret scanning, typosquatting detection, bug bounty, penetration testing, AI security agent, LLM tool calling.
License
MIT. Copyright (c) 2025 Muhammad Adil.
Built by Muhammad Adil
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file reconx_py-0.1.0.tar.gz.
File metadata
- Download URL: reconx_py-0.1.0.tar.gz
- Upload date:
- Size: 12.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
30da334fd19b6684ad1ca4e671f0c6da7bdd9616100a96ddb3e209032a35e05a
|
|
| MD5 |
d2ae4d2c2cae02fa8c999e00a41587ba
|
|
| BLAKE2b-256 |
ed765d721f7895850a21656768fa0432434a2d9f2d53b19b0b179c62e4dd293b
|
File details
Details for the file reconx_py-0.1.0-py3-none-any.whl.
File metadata
- Download URL: reconx_py-0.1.0-py3-none-any.whl
- Upload date:
- Size: 18.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
54c9f88c49acf695b5f92d665dab8e87a1c5a6fef0e5716b2965fa4fec136838
|
|
| MD5 |
4a6e7488820ed43ecf3f944910c3368c
|
|
| BLAKE2b-256 |
81510c94de496bdccd30fe865a3f6aaf159b2530f68a372083ed2bdef9ddea24
|