Files changed (1)
Recon-ng enables the consistent display of output to the user in multiple styles using three different methods. The functions can be called anywhere within a module to present a consistent interface to the user.
+Interacting with the database is easy in Recon-ng. There are core database interaction methods which allow the addition of hosts, contacts, and credentials to the database. There is also a generic query method for all other queries. In each case, the work of setting up the connection, extracting the results, and closing the connection is done for you.
+* Add a contact to the database and return the affected row count. "fname" is the first name of the contact. "lname" is the last name of the contact. "title" is the job title of the contact. "email" is the optional email address of the contact.
+* Add a credential to the database and return the affected row count. "username" is the username portion of the credential. "password" is the optional password portion of the credential. "hash type" is the optional hash type of the password, if the password is in the form of a hash. "leak" is optional information about the leaked credential.
+Some Recon-ng modules may require an API key. To prevent having to continually input API keys, Recon-ng provides methods which assist in the key management process. When the user runs a module that requires an API key, the module should use the available methods to achieve the following flow:
+> Retrieves an API key from the API key storage database. "key_name" is the unique name for the key when stored in the database.
+> Retrieves an API key from the user. "key_text" is optional text to be used to describe the key when prompting the user.
+> Adds an API key to the API key storage database. "key_name" is the unique name for the key when stored in the database. "key_value" is the key string to store in the database.
+> Automates the API key retrieval and storage process by combining the above methods into the proper flow. "key_name" is the unique name for the key when stored in the database. "key_text" is text to be used to describe the key when prompting the user.
+The most important capability of a tool which specializes in web based reconnaissance is the ability to make web requests. Recon-ng relieves the burden of complicated request building logic by providing a custom method for handling web requests.
+> Makes a web request and returns a response object. "url" is the base URL of the request. "method" is the method of the request. Currently, only "GET" or "POST" are available. "payload" is a dictionary of name:value pairs to be encoded as request parameters. "payload" should be used for "GET" and "POST" methods as the request method will encode and build the request as needed per method. "headers" is a dictionary of name:value pairs to be added as request headers. "cookies" is a dictionary of name:value pairs to be used as request cookies. No cookie jar currently available.
+The resulting response object after a successful request allows quick access to all of the information required for further action.
+Recon-ng attempts to auto detect the charset encoding by analyzing the response headers. If not found, 'utf-8' is used as the default encoding. The encoding property is writable and will effect how the "resp.text" property is decoded. WARNING: This will also effect the ability of Recon-ng to build a JSON object out of "resp.text".