Agent

An agent is the blood of ReconNess, without agents, ReconNess is only a Web App to render your database tables with you #recon in a fancy way.

What is an Agent?

An agent is who runs the tools against the Target or the Target's Subdomains, parse the output from the terminal and save it into the database, such with one click. But you need to provide all the set up to run the tool in the terminal, if you can run that tool in the terminal means that if ReconNess has access to the same environment it can run that tool too and you need to provide the Script too to parse the output. Check this link for more details about the Script.

Add new Agent

You can click on New Agent on Agents Menu

Agents Menu

Here you define the Agent Name, Categories, Command, Arguments, if Run by Subdomains, if Run only if is Alive and Skip If ran Before, check below for details.

New Agent page

Name: The Agent's Name.

Categories: An Agent can below to different categories like brute force, passive enum, etc. You can define your categories.

Command: The command to run the tool:

{{domain}} variable used to replace that for the real target root domain or subdomain

{{targetName}} variable used to replace that for the target name

for example:

python ~/Desktop/tools/Sublist3r/sublist3r.py -d {{domain}}

Run by Subdomains: If the scope of this tool is the subdomains instead of the target root domain, for example, Nmap is a tool to run for each subdomain for the Target.

Run Only if it is Alive: This option can only be selected if the scope for the Tool is the subdomains and allows ignore the subdomains that are not alive.

Skip if Ran Before: This option is for subdomains scope too and allow skip the subdomain if the tool ran before using that subdomain.

Each Agent can run in the target scope or the subdomain scope (if Run by Subdmains was selected), if you run an Agent in the Target but that Agent has a subdomain scope, the agent is going to run for each subdomain belong to the Target, for example, if you run Nmap in the Target, it is going to run in all the subdomains, because Nmap is an Agent with subdomain scope.

You can run an Agent from the tag Agents in the Target that contain the list of Agents, for example, Sublist3rs and GoBuster.

List of Agents that you can run over the Target

You can run an Agent in the tag Agents in the Subdomain that contain the list of Agents with Run by Subdmains selected.

An agent group three main process:

  • Run a process in the terminal with arguments, like Sublist3r, Nmap, etc.

  • Parse the terminal output line by line using the Script.

  • Save the return object from the Script into the database automatically.

Run terminal process

ReconNess create a Bash process to run the tool using the absolute path and the arguments provide for you and replacing {{domain}} for the root domain if the scope is the Target or for a subdomain if the scope is a subdomain.

Parse Terminal Output

After the tool is running, ReconNess obtains the terminal output line by line and sends that the Script to parse the output returning an object ScriptOutput with the result.

Save on Database

If the Script returned the object ScriptOutput with data, ReconNess save that object in the database.

Terminal Modal

Agent running

Click on Terminal button

Terminal Modal

Logs Modal

Click in Logs button

Logs Modal