Orchestrate. Enumerate. Dominate. A unified intelligence platform that transforms 100+ fragmented security tools into a single automated reconnaissance machine.
ReconPortal v3.1 is a professional-grade bug bounty and OSINT orchestration platform. It unifies fragmented security tooling into a single intelligent interface β with visual relationship graphs, live surveillance streaming, identity management, and automated vulnerability workflows.
Built for ethical security researchers, bug bounty hunters, penetration testers, and red teams who need nation-state grade tooling with professional UX.
[Target Domain / Username / IP]
β
βΌ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β ReconPortal Intelligence Hub β
β β
β πΈοΈ Graph Engine β Visualize relationships β
β ποΈ Live Surveillance β Headless browser streaming β
β π Identity Vault β Sock puppet management β
β π οΈ Tool Orchestrator β 100+ unified tool runners β
β π Results Aggregatorβ Unified findings view β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
[Unified Intelligence Report]
Visualize complex recon data in a dynamic force-simulation node graph. Discover hidden relationships between usernames, IPs, social accounts, and domains through interactive physics-based exploration.
Real-time headless browser streaming via WebSockets. Watch automation agents navigate targets live. Built-in Auto-Warmer simulates human behavior to maintain high platform trust scores.
Manage and rotate hundreds of operational identities. Built-in cookie injection engine β bypass 2FA and login screens by injecting raw session payloads directly into the automation engine.
| Category | Tools |
|---|---|
| OSINT | Sherlock, Maigret, Instaloader, SpiderFoot, Recon-ng |
| Subdomain Recon | Subfinder, Amass, Assetfinder, Cero, Httpx |
| Vulnerability | Nuclei, Dalfox, SQLMap, Commix, XSStrike |
| Web Crawling | Katana, Crawley, LinkFinder, SecretFinder |
| Network | Nmap, Masscan, Shodan, Censys integrations |
| Password | Hashcat, John, custom wordlist pipelines |
Python 3.10+ β’ Node.js 18+ β’ Go 1.21+ (recommended) β’ Git β’ Docker (optional)
git clone https://github.com/gnonymous1/ReconPortal.git
cd ReconPortal
cp .env.example .env
# Edit .env with your credentials (see variable reference below)# Windows
Start Project.bat β Select [8] Install / Check Dependencies
# Linux/macOS
python3 install_all_tools.pyThis automatically:
- Clones 100+ security tools
- Installs all Python/Node packages
- Sets up Playwright headless engine
# Windows
Start Project.bat β Select [1] Start All Services
# Docker
docker-compose up -d
# Manual
python3 start_orchestrator.pyDashboard: http://localhost:3005/dashboard
API Docs: http://localhost:8000/docs
cp .env.example .env| Variable | Required | Description |
|---|---|---|
SECRET_KEY |
β | Django/FastAPI secret key |
JWT_SECRET |
β | JWT token signing key |
DB_PASS |
β | PostgreSQL password |
MINIO_USER |
β | MinIO object storage user |
MINIO_PASS |
β | MinIO object storage password |
DOMAIN |
β | Deployment domain (default: localhost) |
NEXT_PUBLIC_API_URL |
β | Frontend API base URL |
π All secrets via environment variables only. Never commit
.envto source control.
| Layer | Technology |
|---|---|
| Frontend | Next.js 14 Β· TailwindCSS Β· Framer Motion Β· React-Force-Graph |
| Backend | FastAPI (Python) Β· Uvicorn Β· Playwright |
| Real-time | WebSockets β live surveillance streaming |
| Storage | PostgreSQL Β· Redis Β· MinIO (object store) |
| Containers | Docker Compose β full stack orchestration |
| Automation | 100+ tool wrappers Β· Python subprocess orchestration |
ReconPortal/
β
βββ π₯οΈ frontend/ Next.js 14 intelligence dashboard
βββ βοΈ services/ FastAPI microservices
β βββ recon/ Subdomain & asset enumeration
β βββ osint/ Identity & social intelligence
β βββ vuln/ Vulnerability scanning pipeline
β βββ surveillance/ Headless browser streaming
βββ ποΈ database/ PostgreSQL schema & migrations
βββ π§ scripts/ Tool installation & orchestration
βββ π extension/ Browser extension (optional)
βββ π¦ docker-compose.yml Full stack container orchestration
βββ π .env.example Environment variable template
βββ π Project setup.md Detailed setup guide
# Full stack (recommended for production)
docker-compose up -d
# Development mode (hot-reload)
docker-compose -f docker-compose.dev.yml up
# View logs
docker-compose logs -f- AI-powered target prioritization (GPT/Gemini integration)
- Automated report generation (PDF + HTML)
- Team collaboration β multi-user workspaces
- Cloud scan distribution β distributed recon agents
- CVE correlation engine
- Slack/Discord webhook notifications
ReconPortal is for authorized security research and bug bounty hunting only.
- Only scan targets for which you have explicit written permission
- Comply with all applicable laws and bug bounty program rules
- The developers assume zero liability for misuse or damage
- Always verify scope before running any automated tool
git checkout -b feature/your-feature
# Make changes + test
git commit -m "feat: your feature"
# Open a Pull RequestSee CONTRIBUTING.md for full guidelines. Issues tagged good first issue are great starting points.
π Report Bug β’ β¨ Request Feature β’ π¬ Discuss
ReconPortal β Orchestrating the Attack Surface.