BlackDragon Advanced Automation Tool For Web-Recon

BlackDragon: Advanced Automation Tool For Web-Recon

An Advanced Automation Tool For Web-Recon Developed For Linux Systems

It’s A Tool To Automate The Web Reconnaissance Proccess, Which Make It Easier To Gather Informations About Your Target. This Tool Will Help You In Your Bug Hunting Or Web Penetration Testing Operation Because It Not Only Gather Informations About The Target, But Also It Arranges All These Information In A Structed Way Which Makes You Analyse The Data In A Good Way.

This Tool Works In Linux Systems, Specially In Debian & Debian Based Systems.

Tested On:

  1. Kali Linux
  2. Parrot OS
  3. Back Box

And Other Debian Based Linux Distro’s

What Is The Best Use For This Tool ?

This Is An Automated Tool, So Simply You Give It A Target Then Simply The Tool Took All The Information & And Save The Results In Ordered Directories & Files, But When You Do The Recon You Just Use This Tool, But Also You Should Do Some Manual Activity, This Mindmap Shows The Whole Operation Of BlackDragon Recon Methodology:

Methodology by BlackDragon
Methodology by BlackDragon for Web Recon

So Any Tool Based Recon In This Methodology, I Put It Here In This Automation Tool, But I Prefer To Do So Recon Manually, So First You Should Search Deeply In The IOT Search Engines Like:

Also You Should Search In Some FTP Search Engines Like:

When You Wanna Make A Powerfull Recon, You Should Also Look At:

  • -> For Target Email Searching
  • Public-WWW -> For String Searching In Public Source Codes

What Did This Tool D

Subdomain-Gathering Using:

  •  Subfinder
  •  Sublist3r
  •  Amass
    • Enum:
      • Active Recon
      • Passive Recon
    • Intel:
      • Active Recon
  •  Assetfinder
  •  Knockpy
  •  github-subdomains

Getting The Whole Subdomain Gathered Then Filter The Unique Domains And Extract The Only Live Subdomain Using:

  •  httpx

Fuzzing The Application Target Based Using:

  •  Gobuster
  •  Dirsearch
  •  Dirb

Endpoints Gathering Using:

  •  Waybackurls
  •  github-endpoints

DNS Information Gathering Using:

  •  DNSMap
  •  DNSEnum
  •  MassDNS
  •  Gobuster

Port Scanning

  •  rustscan

What’s New In This Version [2.0]

  • Bug Fixes
  • Amass Enum Passive & Active Recon
  • Amass Intel Passive & Active Recon
  • Domains Ports Discovery & Screen Shootig
  • Vulnerability Scanning:
    • CVE Scanning
    • Workflow Scanning
    • Default-Logins Scanning
    • Takeovers Scanning
    • Exposed Panels Scanning
  • IoT Search Engine Recon [Shodan]:
    • Domain Info Gathering
    • Host Info Gathering
    • Honeypot Checker
  • HTTP & HTTPS Filtering
  • Smarter Functionalities


Be Sure To Delete The Previous Version The Install The New

First Delete The Previous Version If Exists:

rm -rf BlackDragon

Then Simply After Cloning The Repository By Typing :

git clone

Then Open Up The BlackDragon Directory:

cd BlackDragon/

After That Give The Execution Permission To The Installation Script And The Tool Script:

chmod +x install; chmod +x Black-Dragon

Finally Run The Installation Script:


Tool Using Syntax:




DO NOT Add http:// or https:// In The Domain, The Tool Do This Automatically

Tool Output Example

cyber-guy@Security:~/BlackDragon$ ./Black-Dragon

                                           .:os  `.yMMMMMMMMMMMMMMMMMMMMNd+`
                                         :ymMm/ ``.oMMMMMMMMMMMMMMMMMMMMMMMm/
                            `oddddhyso/-.`.-` ```.-:ohNMMMMMMMMMMMMMMMMMMMMMMNy-
                              ```     ``..            .+dMMMMMMMMMMMMMMMMMMMMMMNo
                                  ./ohdmmo```..         `/mMMMMMMMMMMMMMMMMMMMMMMs
                               .+hNMMMMMMNmmmmm:.....`    .dMMMMMMMMMMMMMMMMMMMMMM-
                             `omMMNNmmmNNMMMMMMMNmmm+-.    `mMMMMMMMMMMMMMMMMN+:yM/
                            `hMmy/-.....-:/ohmNMMMMo        +MMMMMMMMMMMMMMMMh  `m`
                            sMd.             `-sNMMs        -MMMMMMMMMMMMMMMMs  ..
                            NM+                 .yMN        +MMMMMMMMMMMMMMMM/
                            NMh`                 `hm       .mMMMMMMMMMMMMMMMm`
                            sMMy.                 --      :mMMMMMMMMMMMMMMMM/
                            `dMMNs-`                   `:yMMMMMMMMMMdymMMMN+
                             .hMMMMds/-.`         `.-+ymMMMMMMMMMMNo` hMMm:
                               +mMMMMMMNdhyysssyyhdNMMMMMMMMMMMMms.  +Mmo`
                                `/ymMMMMMMMMMMMMMMMMMMMMMMMMNmh/`   +s:`

			          An Automated Tool For Web-Recon
					Developed By Momen Ali
					    The CyberGuy

                                         _    __________ _  __
                                        | |  / /  _/ __ | |/ /
                                        | | / // // /_/ |   / 
                                        | |/ _/ // ____/   |  
                                        |___/___/_/   /_/|_|  


[+] Target Domain =>
[+] Date => 05-05-2021
[+] Current User => cyber-guy


[+] Current Recon Path: => /home/cyber-guy/BlackDragon/

Dark Mode