
NahamSec Releases New Video on Setting Up a Recon Box with Project Discovery Tools
In this video, NahamSec guides viewers through setting up a reconnaissance box (recon box) from scratch, using various tools from Project Discovery. The goal is to demonstrate how to effectively use these tools to discover assets and content on potential targets, rather than just running them without a strategy.
Setting Up the Recon Box
The video begins with the setup of a VPS (Virtual Private Server) at a cloud provider. NahamSec explains how to choose a suitable plan and configure the server with Ubuntu. Next, he installs ZSH and Go, which the Project Discovery tools need since they are written in Go and installed with `go install`. He also uses a tool manager (Project Discovery ships one, pdtm) to install and later update all of the Project Discovery tools in one step instead of one by one.
Installing Project Discovery Tools
NahamSec shows how to install tools like Subfinder, Nuclei, and HTTPX through the tool manager. He emphasizes that installing them is only half the work: each tool has to be configured to get the most out of it. For example, he recommends adding API keys for Subfinder's passive sources (its provider configuration file) so that it queries the sources that require a key and returns more complete results.
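The bootstrap described above, written out as a script. This is an added example, not NahamSec's own commands from the video. It assumes Ubuntu, the Go version set in `GO_VERSION`, and that API keys arrive through environment variables (the `*_KEY` variable names are this script's own convention); the provider names are real Subfinder sources, and the provider-config format is a map from source name to a list of keys.

```shell
#!/bin/sh
# Recon box bootstrap (added example, not from the video).
# Assumptions: Ubuntu, Go version below, API keys passed via environment variables.

GO_VERSION="${GO_VERSION:-1.22.5}"   # assumed; check https://go.dev/dl/ for the current release

install_base() {
  sudo apt-get update && sudo apt-get install -y zsh git curl build-essential
}

install_go() {
  curl -fsSL "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" -o /tmp/go.tgz
  sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf /tmp/go.tgz
  # go itself and go-installed binaries (pdtm and every tool it installs) must be on PATH
  cat >> "$HOME/.zshrc" <<'EOF'
export PATH="$PATH:/usr/local/go/bin:$HOME/go/bin"
EOF
  export PATH="$PATH:/usr/local/go/bin:$HOME/go/bin"
}

# pdtm is ProjectDiscovery's tool manager: one command installs (or updates) all tools.
install_pd_tools() {
  go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest
  pdtm -install-all
}

# Emit subfinder's provider-config.yaml from environment variables so that keys
# never get committed next to the script. The provider:VARIABLE pairs are fixed
# here, so the eval only ever expands variable names this script chose.
subfinder_provider_yaml() {
  for pair in securitytrails:SECURITYTRAILS_KEY shodan:SHODAN_KEY \
              virustotal:VIRUSTOTAL_KEY chaos:CHAOS_KEY github:GITHUB_TOKEN; do
    provider="${pair%%:*}"; var="${pair#*:}"
    eval "val=\${$var:-}"
    if [ -n "$val" ]; then
      printf '%s:\n  - %s\n' "$provider" "$val"
    fi
  done
  return 0
}

# Write the config with owner-only permissions: these keys are credentials.
write_subfinder_config() {
  cfg="${1:-$HOME/.config/subfinder/provider-config.yaml}"
  mkdir -p "$(dirname "$cfg")"
  subfinder_provider_yaml > "$cfg"
  chmod 600 "$cfg"
  echo "wrote $cfg; confirm the sources are picked up with: subfinder -ls"
}

# Usage: SHODAN_KEY=... SECURITYTRAILS_KEY=... sh bootstrap.sh bootstrap
if [ "${1:-}" = "bootstrap" ]; then
  install_base && install_go && install_pd_tools && write_subfinder_config
fi
```

After the script runs, `subfinder -ls` lists the sources and marks the ones that now have a key; a source you paid for that still shows up without one usually means the YAML key name does not match the source name.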
Reconnaissance Methodology
Reconnaissance is divided into two main pillars: asset discovery and content discovery. Asset discovery involves finding domains, subdomains, IP addresses, open ports, and other attackable elements. Content discovery, on the other hand, involves gathering information about what runs on those assets and finding content worth testing, such as files, directories, and entry points in web applications.
Using the Tools
NahamSec demonstrates the use of several tools for asset discovery. He starts with Subfinder to collect subdomains from passive sources, then uses ShuffleDNS for subdomain brute-forcing against a wordlist. He introduces AlterX for generating permutations of the names found so far and DNSX for filtering the candidates down to the names that actually resolve. Next, he uses Naabu to scan the resolved hosts for open ports.
Analyzing Results
Once assets are discovered, NahamSec uses HTTPX to probe the live hosts and ports and record information about the web applications on them, such as page titles, status codes, and redirects. He shows how this information helps single out interesting targets (for example, an admin panel or a host that answers 401/403) for more in-depth testing, instead of working through the whole list blindly.
Crawling and Content Analysis
For content discovery, NahamSec uses Katana to crawl the live websites and extract additional entry points. He shows how to configure Katana to crawl JavaScript files as well and pull the endpoints referenced in them, which often exposes routes no link on the site points to. He also emphasizes the importance of crawling websites while authenticated, by giving the crawler a valid session, because much of an application's surface is only reachable after login.
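The asset-discovery chain, the HTTPX triage and the Katana crawl above, joined into one pipeline. This is an added example and not NahamSec's script; it assumes the tools are on PATH (as pdtm leaves them), the wordlist and resolver paths set at the top, and the "interesting" status codes and title keywords used by `triage_httpx`, which are a starting point to tune per target. The sample HTTPX JSON lines are constructed for the example, not real scan output.

```shell
#!/bin/sh
# Recon pipeline over the ProjectDiscovery tools (added example, not from the video).
# Assumptions: tools on PATH, the paths below, and the triage rules in triage_httpx.

OUT="${RECON_OUT:-$HOME/recon}"                                   # assumed layout
WORDLIST="${RECON_WORDLIST:-$HOME/wordlists/subdomains-top1m.txt}" # assumed path
RESOLVERS="${RECON_RESOLVERS:-$HOME/resolvers.txt}"               # assumed path

# Fail early if a tool is missing instead of silently producing empty files.
need_tools() {
  for t in "$@"; do
    command -v "$t" >/dev/null 2>&1 || { echo "missing tool: $t (try: pdtm -i $t)" >&2; return 1; }
  done
}

# Pull url / status_code / title out of httpx -json lines with POSIX awk (no jq needed).
# A title containing an escaped quote is cut at the escape; fine for triage purposes.
parse_httpx() {
  awk '{
    sc = ""; url = ""; title = ""
    if (match($0, /"status_code":[0-9]+/)) sc = substr($0, RSTART + 14, RLENGTH - 14)
    if (match($0, /"url":"[^"]*"/))       url = substr($0, RSTART + 7, RLENGTH - 8)
    if (match($0, /"title":"[^"]*"/))     title = substr($0, RSTART + 9, RLENGTH - 10)
    if (url != "") printf "%s\t%s\t%s\n", sc, url, title
  }'
}

# Keep only hosts worth a human look: auth walls, server errors, and titles that
# hint at admin or API surfaces. The keyword list is an assumption; tune it per target.
triage_httpx() {
  parse_httpx | awk -F'\t' '
    $1 == 401 || $1 == 403 || $1 ~ /^5/ { print; next }
    tolower($3) ~ /admin|login|dashboard|swagger|jenkins|grafana|kibana|phpmyadmin/ { print }'
}

# Asset discovery: passive -> brute force -> permutations -> resolve -> ports.
asset_discovery() {
  d="$1"; dir="$OUT/$d"; mkdir -p "$dir"
  need_tools subfinder shuffledns alterx dnsx naabu || return 1
  subfinder -d "$d" -all -silent > "$dir/passive.txt"
  shuffledns -d "$d" -w "$WORDLIST" -r "$RESOLVERS" -mode bruteforce -silent > "$dir/brute.txt"
  sort -u "$dir/passive.txt" "$dir/brute.txt" > "$dir/candidates.txt"
  # alterx emits only the generated permutations, so the originals are fed alongside them
  { cat "$dir/candidates.txt"; alterx -l "$dir/candidates.txt" -silent; } \
    | sort -u | dnsx -r "$RESOLVERS" -silent | sort -u > "$dir/resolved.txt"
  naabu -list "$dir/resolved.txt" -top-ports 1000 -silent > "$dir/ports.txt"
}

# Content discovery: probe host:port pairs, triage, then crawl the live URLs with
# JavaScript parsing on; a session cookie in KATANA_COOKIE makes the crawl authenticated.
content_discovery() {
  d="$1"; dir="$OUT/$d"
  need_tools httpx katana || return 1
  httpx -l "$dir/ports.txt" -silent -json -o "$dir/httpx.json" >/dev/null
  parse_httpx < "$dir/httpx.json" | cut -f2 > "$dir/alive.txt"
  triage_httpx < "$dir/httpx.json" > "$dir/interesting.txt"
  set -- -list "$dir/alive.txt" -jc -kf all -d 3 -silent -o "$dir/katana.txt"
  if [ -n "${KATANA_COOKIE:-}" ]; then
    set -- "$@" -H "Cookie: $KATANA_COOKIE"
  fi
  katana "$@" >/dev/null
}

# Constructed httpx -json lines (not real scan output) to exercise the triage offline.
sample_httpx_json() {
  cat <<'EOF'
{"url":"https://www.example.com","status_code":200,"title":"Example Domain","webserver":"nginx"}
{"url":"https://admin.example.com","status_code":200,"title":"Admin Console"}
{"url":"https://api.example.com:8443","status_code":401,"title":""}
{"url":"https://old.example.com","status_code":500,"title":"Internal Server Error"}
{"url":"https://static.example.com","status_code":404,"title":"Not Found"}
EOF
}

# Usage: KATANA_COOKIE='session=...' sh recon.sh example.com
if [ -n "${1:-}" ]; then
  asset_discovery "$1" && content_discovery "$1" \
    && echo "done: see $OUT/$1/interesting.txt and $OUT/$1/katana.txt"
fi
```

Run against the constructed sample, `triage_httpx` keeps the admin console, the 401 on port 8443 and the 500, and drops the plain 200 and the 404; on a real target that list is what you open first, while `alive.txt` is the full input for the crawl. Keep the scope file next to these outputs and check every crawled host against it before testing anything.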
Conclusion
NahamSec concludes by stressing the importance of properly configuring and using Project Discovery tools to maximize the effectiveness of reconnaissance. He encourages viewers to explore the options of each tool further and adapt the methodology to their specific needs.
To watch the full video and get more details, visit: https://www.youtube.com/watch?v=evyxNUzl-HA