NovSec Recon is a powerful automated reconnaissance tool for bug bounty hunters and security researchers. It uses multiple tools like subfinder, assetfinder, dnsx, httpx, waybackurls, gau, and katana to collect, resolve, and analyze subdomains and historical URLs of any target domain.
- Subdomain enumeration from multiple sources
- DNS resolution using
dnsx - HTTP probing with status code, title, and tech detection
- Status code based filtering (200, 403, 404)
- 2nd-level domain enumeration
- Historical URL collection (
waybackurls,gau,katana) - JS file and parameter discovery
- Neatly organized output per domain
chmod +x novsec-recon.sh
./novsec-recon.sh