rengine by yogeshojha

Web recon & vuln scanner for streamlined, configurable information gathering

created 5 years ago
8,057 stars

Top 6.5% on sourcepulse

Project Summary

reNgine is an automated web reconnaissance framework designed for security professionals, penetration testers, and bug bounty hunters. It streamlines the information gathering process through configurable engines, data correlation, continuous monitoring, and a user-friendly interface, aiming to simplify and enhance reconnaissance efforts.

How It Works

reNgine employs a database-backed architecture for organizing and correlating reconnaissance data, moving beyond traditional file-based outputs. It utilizes highly configurable, YAML-based scan engines that allow users to customize parameters like thread management and timeouts, offering pre-configured options for common tasks. A key feature is "Subscans," enabling focused scans on newly discovered assets without waiting for the entire pipeline to complete. The framework also integrates GPT for generating detailed vulnerability reports, including remediation steps and impact assessments, and for suggesting potential attack surfaces based on reconnaissance data.

Quick Start & Requirements

  • Install: Clone the repository (git clone https://github.com/yogeshojha/rengine), navigate into it (cd rengine), configure .env (especially POSTGRES_PASSWORD), and run sudo ./install.sh. A non-interactive install is available with sudo ./install.sh -n.
  • Prerequisites: PostgreSQL, Python 3.
  • Resources: Recommended RAM for Celery workers: 4GB (MAX_CONCURRENCY=10), 8GB (MAX_CONCURRENCY=30), 16GB (MAX_CONCURRENCY=50).
  • Documentation: https://rengine.wiki

Highlighted Details

  • Integrates HackerOne bounty programs and provides in-app notifications.
  • Features "Subscans" for on-demand, targeted reconnaissance of new findings.
  • Offers GPT-powered vulnerability reports with remediation and impact analysis.
  • Supports role-based access control (Sys Admin, Penetration Tester, Auditor).
  • Includes continuous monitoring with notifications via Discord, Slack, and Telegram.

Maintenance & Community

  • Active development with recent release 2.2.0.
  • Community support available via Discord.
  • Contributions are welcomed, with a guide for new contributors.
  • Enterprise support is available through HailBytes.

Licensing & Compatibility

  • License: GNU GPL v3.
  • Compatibility: GPLv3 is a strong copyleft license, potentially impacting integration with closed-source commercial applications.

Limitations & Caveats

The project notes that parts of the README were refined using AI language models. While community-curated videos are provided, users are advised to refer to official documentation for the most up-to-date information, as community content may become outdated.

Health Check

  • Last commit: 5 months ago
  • Responsiveness: 1+ week
  • Pull Requests (30d): 0
  • Issues (30d): 3
  • Star History: 201 stars in the last 90 days
