# ReconFTW (six2dez)

## Enumerating Subdomains using ReconFTW

```javascript
./reconftw.sh -s <domain> -o <path to the folder>
```

## Full Recon using ReconFTW

i will run this in **screen** so that i switch off my VPS or something bad happens, my scan is still running in the background always.&#x20;

```javascript
./reconftw.sh -d domain.com -r --deep -o /root/Bug-Bounty/Domain.com
```

<figure><img src="https://3420091786-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fy1ZUO45eHY8aMCLJ7OiN%2Fuploads%2FPGMBhlgKFFYXThCPEUQK%2Fimage.png?alt=media&#x26;token=cdb986eb-7ffa-46c8-a844-c6b3cee8d7e9" alt=""><figcaption></figcaption></figure>

## Full Aggressive Recon and All Active Attacks

```javascript
./reconftw.sh -d www.domain.com -a --deep -o /root/Bug-Bounty/domain/
```

<figure><img src="https://3420091786-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fy1ZUO45eHY8aMCLJ7OiN%2Fuploads%2FW6yMoBDvwxh5fHFO4fB4%2Fimage.png?alt=media&#x26;token=84db0769-1e10-46fe-86c4-3235e09d4467" alt=""><figcaption></figcaption></figure>