Reconnaissance & OSINT Automation
OfficialMap your attack surface in minutes.
Education & Research#reconnaissance#subdomain enumeration#attack surface#osint#technology fingerprinting#security research#dns analysis
AuthorGhostPWN
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill removes the manual overhead of early-stage security research by organizing subdomain discovery, DNS review, web technology fingerprinting, and OSINT correlation into one guided workflow.
Core Features & Use Cases
- Passive and active reconnaissance: Discover subdomains from Certificate Transparency logs, DNS records, wildcard checks, and optional brute-force enumeration.
- DNS and email posture analysis: Review A, AAAA, MX, NS, TXT, SOA, SRV, CNAME, CAA, and PTR data, plus SPF, DMARC, DKIM, and zone transfer exposure.
- Web technology fingerprinting: Identify servers, CMS platforms, frameworks, CDNs, WAFs, analytics, and missing security headers from live URLs.
- Use case: A security assessor can start with a single domain and quickly produce a confirmed asset list, live host inventory, and prioritized follow-up targets for deeper testing.
Quick Start
Ask the skill to perform authorized reconnaissance on a target domain and return discovered subdomains, DNS findings, technology fingerprints, and notable exposure risks.
Dependency Matrix
Required Modules
requestsdnspython
Components
scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: Reconnaissance & OSINT Automation Download link: https://github.com/GhostPWN/ghostpwn/archive/main.zip#reconnaissance-osint-automation Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.