RedRoom Recon Category : Overview

Reconnaissance — The First Step

This category holds the first steps in a hacker’s methodology: Passive and Active Reconnaissance. It consists of a variety of tools built to extract as much information as possible about a target — efficiently and systematically.

Tools Included in the Recon Category

So, which tools does the Recon category consist of so far?

  • Host Scan

  • Host Profiling

  • Port Scan

  • DNS Enumeration

  • Sub-Domain Enumeration

  • Trace Route

Each tool is designed to focus on a specific phase of information gathering and can be executed independently or as part of a larger chain.

Automation vs User Control

These tools also support different methods to get results.
Most of the methods can run completely automatically, selecting the most appropriate one based on the scenario.
At the same time, the user has the option to manually pick a specific method, offering control and flexibility.

Recon Methods and File Structure

The Recon category is backed by a method-rich structure, each mapped to specific functionality. Here's a breakdown of their paths:

/methods_recon/protocol_scans/arp_scan.py
/methods_recon/protocol_scans/tcp_scan.py
/methods_recon/protocol_scans/icmp_scan.py
/methods_recon/protocol_scans/udp_scan.py

/methods_recon/digital_fingerprinting/auto_host.py
/methods_recon/digital_fingerprinting/find_ports.py
/methods_recon/digital_fingerprinting/os_detection.py
/methods_recon/digital_fingerprinting/vendor_lookup.py

/methods_recon/dns_resolve/resolve_lookup.py
/methods_recon/dns_resolve/subdomain_resolve.py

These methods serve as the functional backbone for each recon tool. The structure follows a modular and scalable approach, making it easy to expand or adapt.

Interconnected with the System

Like all other categories, Recon is called via main.py.
In many cases, methods or tools from this category are also invoked by tools in other categories (like Exploitation or Post-Exploitation) when necessary — showcasing RedRoom’s interconnected design.


Recon Category Diagram:


What’s Next?

Now that we’ve covered the overall structure of RedRoom, its purpose, and the overview of the first category, we can begin diving into each tool — from a more technical and code-level perspective — starting in the next article.

0
Subscribe to my newsletter

Read articles from Ektoras Kalantzis directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Ektoras Kalantzis
Ektoras Kalantzis