Speed Up AutoRecon Scans

G5 Cyber Security

3 months ago

TL;DR

AutoRecon scans can take a long time. This guide shows you how to make them faster by limiting the scope, using fewer modules, and optimising your system.

1. Understand Why AutoRecon is Slow

AutoRecon performs many checks on a target. The more it does, the longer it takes. Common causes of slow scans include:

Large Scope: Scanning too many IP addresses or domains.
Too Many Modules: Running all available modules when you only need a few.
System Resources: Insufficient CPU, memory, or disk speed.
Network Issues: Slow internet connection or network congestion.

2. Limit the Scan Scope

The most significant impact on scan time is the number of targets. Focus your scans:

Single Target: If you’re investigating a specific host, only scan that one IP address or domain.
Small Subnet: Scan a limited subnet (e.g., 192.168.1.0/24) instead of an entire network.
Target List File: Use a text file containing only the targets you need to scan. Create this file with one target per line.

When running AutoRecon, specify your target using the -t or --target option:

autorecon -t example.com

3. Select Specific Modules

AutoRecon runs all modules by default. Choose only the ones relevant to your needs.

Identify Needed Information: What are you trying to find? (e.g., open ports, vulnerabilities, DNS records).
Use Module Flags: Use the -m or --modules option to specify which modules to run. Separate multiple module names with commas.

Example: To only run port scanning and banner grabbing:

autorecon -t example.com -m portscan,bannergrab

4. Optimise System Resources

AutoRecon is resource-intensive. Ensure your system can handle it.

CPU: Close unnecessary applications to free up CPU cores.
Memory (RAM): AutoRecon benefits from having enough RAM. 16GB or more is recommended for larger scans.
Disk Speed: Use an SSD instead of a traditional HDD for faster read/write speeds.

5. Check Network Connectivity

A slow network connection will significantly increase scan time.

Internet Speed: Ensure you have a stable and reasonably fast internet connection.
Network Congestion: Avoid running scans during peak network usage times.
Firewall/IDS: Check if your firewall or intrusion detection system is blocking AutoRecon’s traffic.

6. Use the `--fast` Option

The --fast option disables some less critical modules to speed up scans.

autorecon -t example.com --fast

7. Review AutoRecon Output Regularly

Monitor the scan progress and output. If it’s stuck on a particular module for an extended period, consider stopping the scan and investigating.