Reconnaissance & OSINT Automation

Official

Map your attack surface in minutes.

AuthorGhostPWN
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill removes the manual overhead of early-stage security research by organizing subdomain discovery, DNS review, web technology fingerprinting, and OSINT correlation into one guided workflow.

Core Features & Use Cases

  • Passive and active reconnaissance: Discover subdomains from Certificate Transparency logs, DNS records, wildcard checks, and optional brute-force enumeration.
  • DNS and email posture analysis: Review A, AAAA, MX, NS, TXT, SOA, SRV, CNAME, CAA, and PTR data, plus SPF, DMARC, DKIM, and zone transfer exposure.
  • Web technology fingerprinting: Identify servers, CMS platforms, frameworks, CDNs, WAFs, analytics, and missing security headers from live URLs.
  • Use case: A security assessor can start with a single domain and quickly produce a confirmed asset list, live host inventory, and prioritized follow-up targets for deeper testing.

Quick Start

Ask the skill to perform authorized reconnaissance on a target domain and return discovered subdomains, DNS findings, technology fingerprints, and notable exposure risks.

Dependency Matrix

Required Modules

requestsdnspython

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: Reconnaissance & OSINT Automation
Download link: https://github.com/GhostPWN/ghostpwn/archive/main.zip#reconnaissance-osint-automation

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.