
ReconPal – Leveraging NLP For Infosec

![](https://blogger.googleusercontent.com/img/a/AVvXsEg0DbWvIQOMVaBuGBCqW0LNGhNb0yQsKFSCgZ_B8YHMDvDMyEOUJtLu_rNUpJ5XjP8EaNZ4HGmZhvn86I1mm_7kv1IMBYMuGIyEIiasc05xIRxpqdpM9omUckTf5jdOLWfFGXEYiQ6bzdUAykbwKdyPe0p4-8sEsRHiTXST4od-SKOqA1nai6O7Cf6bOA=w640-h164)

Recon is one of the most important phases: it seems easy but takes a lot of effort and skill to do right. One needs to know the right tools and the correct queries and syntax, run those queries, correlate the information, and sanitize the output. All of this might be easy for a seasoned infosec/recon professional, but for the rest it is still close to magic. How cool would it be to ask a simple question like “Find me an open Memcached server in Singapore with UDP support?” or “How many IP cameras in Singapore are using default credentials?” in a chat and get the answer?

ReconPal is built on the integration of GPT-3, a deep learning-based language model that produces human-like text, with well-known recon tools like Shodan. ReconPal also supports using voice commands to execute popular exploits and perform reconnaissance.

## Built With

* OpenAI GPT-3
* Shodan API
* Speech-to-Text
* Telegram Bot
* Docker Containers
* Python 3

# Getting Started

To get ReconPal up and running, follow these simple steps.

### Prerequisites

* Telegram Bot Token:
Use BotFather and create a new Telegram bot. Refer to the documentation at

* Shodan API:
Create a Shodan account and create a new API key from

* Google Speech-to-Text API:
Enable Speech-to-Text in GCP and get the credentials. Refer to these steps from the documentation

* OpenAI API Key:
Create a free OpenAI account to try out the API.

* Docker

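```sh
# Refresh the package index and install Docker
sudo apt-get update
sudo apt-get install docker.io
# Fetch the docker-compose 1.26.0 binary for this OS and architecture
sudo curl -L "https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
# The file was written as root, so changing its mode needs sudo as well
sudo chmod +x /usr/local/bin/docker-compose
```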

### Installation

1. Clone the repo

```sh
git clone https://github.com/pentesteracademy/reconpal.git
```

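2. Enter your OpenAI and Shodan API keys and your Telegram bot token in `docker-compose.yml`. The file then holds live credentials, so keep the edited copy out of version control.

```
OPENAI_API_KEY=
SHODAN_API_KEY=
TELEGRAM_BOT_TOKEN=
```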

3. Start ReconPal

```sh
docker-compose up
```

# Usage

Open the Telegram app and select the bot you created to use ReconPal.

1. Click on start or just type in the input box.

```
/start
```

2. Register the model.

```
/register
```

3. Test the tool with some commands.

```
scan 10.0.0.8
```
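
Because the bot acts on chat messages such as `scan 10.0.0.8`, a deployment benefits from a gate between the parsed request and the scanner. The sketch below is an added example, not ReconPal's code: `ALLOWED_CHAT_IDS`, `AUTHORIZED_SCOPE`, `vet_scan` and `verdict` are hypothetical names, and the chat IDs, ranges and requests are constructed.

```python
import ipaddress

# Hypothetical deployment settings (constructed values, not from ReconPal).
ALLOWED_CHAT_IDS = {111111111}                            # operator's Telegram chat ID
AUTHORIZED_SCOPE = [ipaddress.ip_network("10.0.0.0/24")]  # ranges cleared for scanning


class Rejected(Exception):
    """Raised when a scan request must not reach the scanner."""


def vet_scan(chat_id, target):
    """Return the normalized IP if this chat may scan this target, else raise."""
    if chat_id not in ALLOWED_CHAT_IDS:
        raise Rejected("sender is not on the operator allowlist")
    try:
        # Accept one literal address only: hostnames, CIDR ranges and strings
        # carrying extra scanner options all fail to parse here.
        addr = ipaddress.ip_address(target.strip())
    except ValueError:
        raise Rejected("target is not a single literal IP address") from None
    if not any(addr in net for net in AUTHORIZED_SCOPE):
        raise Rejected("target is outside the authorized scope")
    return str(addr)


def verdict(chat_id, target):
    """Wrap vet_scan for an audit log: 'allow <ip>' or 'deny: <reason>'."""
    try:
        return "allow " + vet_scan(chat_id, target)
    except Rejected as exc:
        return "deny: " + str(exc)


# Constructed requests: (chat ID, target as extracted from the chat message).
SAMPLES = [
    (111111111, "10.0.0.8"),
    (222222222, "10.0.0.8"),
    (111111111, "8.8.8.8"),
    (111111111, "10.0.0.8 --extra-flag"),
    (111111111, "10.0.0.0/24"),
]

if __name__ == "__main__":
    for chat_id, target in SAMPLES:
        print(chat_id, repr(target), "->", verdict(chat_id, target))
```

Run the check on the target string after any language-model or speech-to-text step has produced it, since that output is what would reach the tool.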

# Tool featured at

* Blackhat Asia Arsenal 2022

* Demonstration Video

# Contributors

Jeswin Mathai, Senior Security Researcher, INE

Nishant Sharma, Security Research Manager, INE

Shantanu Kale, Cloud Developer, INE

Sherin Stephen, Cloud Developer, INE

Sarthak Saini (Ex-Pentester Academy)

# Documentation

For more details, refer to the “ReconPal.pdf” PDF file. This file contains the slide deck used for presentations.

# Screenshots

Starting reconpal and registering model

![](https://blogger.googleusercontent.com/img/a/AVvXsEg2bkXBZwFAsHywOa4GGoXhMq4EvCcjHIufMFWrZRBe2zbaLQfbM8_2HxViDJqvAZkqpKBhF35pwrqRl54HwL0iHQ3iZP0Q96JDJ02HTLtHinWGS42hbceOaonnb6loiVBZUnOGWd3xHLZUwerJ7CbU3O_ckf4p0nmcAtzkijDMwqs5TCfDtbUMo8DXVw=w640-h364)

Finder module in action

![](https://blogger.googleusercontent.com/img/a/AVvXsEjN8vVxLX0-2xql11JPTzg73guUH2WIismu2rnzIE0h_h31ucuHrlkFIo7EpgCZ3lB2GWpyaJ-R6iQXbka3Ppz_SWDxuKbOr4UNMdwbCUWrjoSfp22yAL6n--XLWkhzxGnsGHTAWZ5d_EkWezmtLntj4tT1f49iaK7tWYo5ne_qTs2WojSD5oO56-2Ow=w640-h360)

Scanner module in action

![](https://blogger.googleusercontent.com/img/a/AVvXsEjBZiafdemZA3XchoRn5gWfhnPEWcFtGB4vKiPfR6YzggychwVdmnyq94Ff-4jeNA-vg8gJ9yA5zU50UrbbBcDdsTgQGvnlAsQO3JYB6lA0qb5QxSYAkI0nAYfY5OT_zDQswSNt_IO10-Ygsz8WEgzvCUp1gyo_y_5f-1svfrVvf5LO34fNElZoYy39DA=w640-h362)

Attacker module in action

![](https://blogger.googleusercontent.com/img/a/AVvXsEiIVIcD5qzeUx7UFA3o6q6gZYifOMY7_CuD4v3ewnwCiW72s5Ws36ycdZSBB_uU9XTsR3ig2MleXwRFy0qqX7AT2ca66xmFBRQWAh9yZ_JkVbJoQwoChhTVPVn4Cc-srbZJPucDEH7AbZYWxUOWh1-WaY2TtfP9C-_b3uGknIpsVsz6FeoI9TVl71YUIw=w640-h360)

Voice Support

![](https://blogger.googleusercontent.com/img/a/AVvXsEgxSzMg4eAar5ZrVacOZxODJOR9c1pgldPIh-Mv4P8OzOQEMF_yrbWQnq5gun1332yfxVJM2l8oD7g1Hv_H4dAWvK1sD0bG60m7NzU7-alK_Mdz0HCZCbA7jeGODs0DgZddAvC8BkMA5GnGNAJZHaIpfXxwl3RTCAcdiYOz3uVGmLJ968_WEfQUJ803NA=w640-h418)

# License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License v2 as published by the Free Software Foundation.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
