Installation & Setup

This guide will walk you through installing reconFTW, setting it up, and running your first reconnaissance scan.

System Requirements

Minimum Requirements

Resource

Minimum

Recommended

Ubuntu 20.04+ / Debian 11+ / Kali

Ubuntu 22.04 LTS

RAM

4 GB

8-16 GB

Disk Space

20 GB

50+ GB

CPU

2 cores

4+ cores

Network

Stable internet

High bandwidth

Supported Operating Systems

✅ Ubuntu 20.04, 22.04, 24.04 (Recommended)
✅ Debian 11, 12
✅ Kali Linux (latest rolling)
✅ Parrot OS
✅ macOS 12+ (with Homebrew)
✅ Docker (any platform)
⚠️ Windows WSL2 (experimental)

Required Dependencies

reconFTW will install most dependencies automatically, but these base packages are required:

# Ubuntu/Debian
sudo apt update
sudo apt install -y git curl wget python3 python3-pip ruby golang jq

# macOS (via Homebrew)
brew install git curl wget python@3 ruby go jq gnu-getopt coreutils gnu-sed bash

Installation Methods

Method 1: Local Installation (Recommended)

This is the standard installation for Linux/macOS systems.

# Clone the repository
git clone https://github.com/six2dez/reconftw.git
cd reconftw

# Run the installer (interactive)
./install.sh

# Or run non-interactively (option 1 = install all)
echo 1 | ./install.sh

The installer will:

Check system requirements
Install Go, Rust, and Python dependencies
Install 80+ security tools
Configure PATH and environment variables
Download required wordlists and resolvers

⏱️ Installation Time: 15-45 minutes depending on internet speed and system resources.

Installation Options

When running ./install.sh, you'll see these options:

Select an option:
1. Install all dependencies and tools
2. Install only tools (skip dependencies)
3. Update tools only
4. Check tool installation status

Method 2: Docker Installation

Docker provides a consistent environment across all platforms.

# Pull the official image
docker pull six2dez/reconftw:latest

# Run a scan
docker run --rm -v $(pwd)/Recon:/reconftw/Recon six2dez/reconftw:latest -d example.com -r

# Interactive mode
docker run -it --rm -v $(pwd)/Recon:/reconftw/Recon six2dez/reconftw:latest /bin/bash

Docker with Custom Configuration

# Mount your custom config
docker run --rm \
  -v $(pwd)/Recon:/reconftw/Recon \
  -v $(pwd)/my_config.cfg:/reconftw/reconftw.cfg \
  -e SHODAN_API_KEY="your_key" \
  six2dez/reconftw:latest -d example.com -r

Building Custom Docker Image

cd reconftw/Docker
docker build -t my-reconftw .

Method 3: Terraform + Ansible (Cloud Deployment)

For deploying reconFTW on AWS or other cloud providers:

cd reconftw/Terraform

# Configure your AWS credentials
export AWS_ACCESS_KEY_ID="your_key"
export AWS_SECRET_ACCESS_KEY="your_secret"

# Deploy infrastructure
terraform init
terraform apply

# Run Ansible playbook
ansible-playbook -i inventory reconFTW.yml

See Deployment Guide for detailed cloud setup.

macOS-Specific Setup

macOS requires additional Homebrew packages due to BSD tool differences:

# Install Homebrew if not installed
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Install required formulae
brew install bash coreutils gnu-sed gnu-getopt findutils grep

# Use Homebrew's bash (required for reconFTW)
# reconFTW will automatically use /opt/homebrew/bin/bash on Apple Silicon

Note: reconFTW automatically detects macOS and uses Homebrew GNU tools. Make sure they're installed before running.

Your First Scan

Basic Reconnaissance Scan

cd reconftw

# Standard reconnaissance
./reconftw.sh -d example.com -r

This will:

Enumerate subdomains (passive + active)
Probe for live web servers
Take screenshots
Extract URLs and JavaScript files
Run nuclei vulnerability scans
Generate organized output

Understanding the Output

Results are saved in Recon/<domain>/:

Recon/example.com/
├── subdomains/          # Discovered subdomains
│   ├── subdomains.txt   # Final subdomain list
│   └── ...
├── webs/                # Web server information
│   ├── webs.txt         # Live web servers
│   └── ...
├── hosts/               # Host/IP information
├── vulns/               # Vulnerability findings
├── osint/               # OSINT results
├── screenshots/         # Web screenshots
├── nuclei_output/       # Nuclei scan results
├── .log/                # Scan logs
└── .tmp/                # Temporary files

Quick Scan Examples

# Subdomain enumeration only (fast)
./reconftw.sh -d example.com -s

# Passive reconnaissance (non-intrusive)
./reconftw.sh -d example.com -p

# Full scan with vulnerability checks
./reconftw.sh -d example.com -a

# Scan from a list of domains
./reconftw.sh -l targets.txt -r

# Custom output directory
./reconftw.sh -d example.com -r -o /path/to/output

Verifying Installation

Check Tools Installation

# Verify all tools are installed
./reconftw.sh --check-tools

This displays a checklist of all required tools and their installation status.

Health Check

# Run system health check
./reconftw.sh --health-check

The health check verifies:

All critical dependencies are installed
Required files and directories exist
Configuration is valid
Network connectivity works

Dry Run Mode

Test your command without executing anything:

# Preview what commands would be executed
./reconftw.sh -d example.com -r --dry-run

Updating reconFTW

Update Everything

cd reconftw

# Pull latest code
git pull

# Update all tools
./install.sh --tools

Update Only Tools

./install.sh --tools
# Or use option 3 in interactive mode

Automatic Updates Before Scans

Enable in reconftw.cfg:

upgrade_before_running=true

Post-Installation Configuration

After installation, you should configure API keys for maximum effectiveness:

1. Create secrets.cfg

cp secrets.cfg.example secrets.cfg
chmod 600 secrets.cfg

Edit secrets.cfg:

# API keys for enhanced functionality
SHODAN_API_KEY="your_shodan_api_key"
WHOISXML_API="your_whoisxml_api_key"
XSS_SERVER="your_xss_hunter_server"
COLLAB_SERVER="your_interactsh_server"

2. Configure GitHub Tokens

Create $HOME/Tools/.github_tokens with one token per line:

ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ghp_yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

Multiple tokens help avoid rate limiting during GitHub reconnaissance.

3. Verify Configuration

# Test with a simple scan
./reconftw.sh -d example.com -p --dry-run

Common Installation Issues

"Go not found"

# Install Go manually
wget https://go.dev/dl/go1.21.linux-amd64.tar.gz
sudo tar -C /usr/local -xzf go1.21.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin
export GOPATH=$HOME/go
export PATH=$PATH:$GOPATH/bin

"Permission denied"

# Fix permissions
chmod +x reconftw.sh install.sh

"Tool X not found"

# Reinstall specific tools
./install.sh --tools

See Troubleshooting for more solutions.

Next Steps

Now that reconFTW is installed:

Learn the concepts - Understand how reconFTW works
Explore usage options - Master command-line flags
Configure settings - Customize for your needs
Understand output - Interpret your results

Quick Reference Card

# Installation
git clone https://github.com/six2dez/reconftw.git && cd reconftw && ./install.sh

# Basic scans
./reconftw.sh -d target.com -r          # Full recon
./reconftw.sh -d target.com -s          # Subdomains only
./reconftw.sh -d target.com -p          # Passive only
./reconftw.sh -d target.com -a          # Full + vulns

# Advanced options
./reconftw.sh -d target.com -r --deep   # Deep/thorough scan
./reconftw.sh -d target.com -r -v       # With Axiom (distributed)
./reconftw.sh -l targets.txt -r         # Multiple targets

# Maintenance
./reconftw.sh --check-tools             # Verify installation
./reconftw.sh --health-check            # System health
./install.sh --tools                    # Update tools

PreviousGlossary NextConcepts & Architecture

Last updated 1 month ago

Good morning

hashtagSystem Requirements

hashtagMinimum Requirements

hashtagSupported Operating Systems

hashtagRequired Dependencies

hashtagInstallation Methods

hashtagMethod 1: Local Installation (Recommended)

hashtagInstallation Options

hashtagMethod 2: Docker Installation

hashtagDocker with Custom Configuration

hashtagBuilding Custom Docker Image

hashtagMethod 3: Terraform + Ansible (Cloud Deployment)

hashtagmacOS-Specific Setup

hashtagYour First Scan

hashtagBasic Reconnaissance Scan

hashtagUnderstanding the Output

hashtagQuick Scan Examples

hashtagVerifying Installation

hashtagCheck Tools Installation

hashtagHealth Check

hashtagDry Run Mode

hashtagUpdating reconFTW

hashtagUpdate Everything

hashtagUpdate Only Tools

hashtagAutomatic Updates Before Scans

hashtagPost-Installation Configuration

hashtag1. Create secrets.cfg

hashtag2. Configure GitHub Tokens

hashtag3. Verify Configuration

hashtagCommon Installation Issues

hashtag"Go not found"

hashtag"Permission denied"

hashtag"Tool X not found"

hashtagNext Steps

hashtagQuick Reference Card