Using Recon-ng to make reconnaissance of a profile of social media/Finding Flaws/Gathering Information

Hello Everybody

Today I’m gonna show How to make reconnaissance of a Profile of Social Media / Finding flaws/ Gathering Information of a server using Recon-ng tool

Recon-ng is a best reconnaissance tool developed by Tim tones and it’s completely written in Python Language. This tool contains reporting modules, exploitation modules, Reconnaissance model, Vulnerability discovery modules. This Recon-ng tool will be available in Some of the Penetration Testing Linux Distributions and some of the security based operating Systems such as BSD, FreeBSD,OpenBSD. To Install a Recon-ng tool in any one of the penetration testing linux distribution just you need to do is

apt-get download recon-ng, apt-get install recon-ng.

I had made a reconnaissance of SAP Server and I had found that SAP server is extremely prone to XSS flaws. The sample shot is here

As you see in the picture the SAP server is showing the XSS flaw. The XSS is a serious flaw found in each and every web server, that a Website is either prone to Web Defacement attack, so that a website outlook can be vandalized using either local file inclusion / remote file inclusion or SSRF (Server Side Request Forgery) or CSRF (Client Side Request Forgery) or SQL Injection. So it’s must and should, the XSS- Frame header must have to be introduced to fix XSS flaw in a website.