Add web profile endpoint discovery by CamiloCod3 · Pull Request #13 · CamiloCod3/ActiveRecon

CamiloCod3 · 2026-06-17T12:59:43Z

Summary

Add a web scan profile as a workflow preset, keeping the CLI simple: activerecon --target <target> --scan-profile web --output <name>.
Add internal endpoint_discovery module that uses HTTP Analysis results, fetches only successful HTTP services, extracts endpoints from HTML links/forms, path-like headers, inline strings, same-origin JavaScript, robots.txt, and a short safe well-known path list.
Add web_recon config for enabled profiles, endpoint limit, JavaScript fetching, same-origin behavior, and safe well-known paths.
Add Endpoint Discovery to results and Markdown reports when the web workflow runs.
Add low-noise Interesting Signals from endpoint discovery, including API-like paths, robots.txt/Disallow, response-header endpoints, JavaScript API paths, admin/debug/docs routes, and /ftp.
Keep existing CLI behavior backwards compatible and avoid aggressive fuzzing.

./venv/Scripts/python.exe -m pytest -> 55 passed
./venv/Scripts/python.exe -m compileall activerecon
./venv/Scripts/python.exe -m activerecon.main --target example.com --scan-profile web --output web-report --dry-run
git diff --check -> no whitespace errors; Git only reported CRLF normalization warnings

Add web profile endpoint discovery

bb54b5b

CamiloCod3 force-pushed the feature/doctor-nmap-controls branch from 96affe5 to bb54b5b Compare June 17, 2026 13:04

CamiloCod3 merged commit bccd0c9 into main Jun 17, 2026
2 checks passed