rengine

reNgine is a web application reconnaissance tool built for penetration testers, security researchers, and bug bounty hunters. Reconnaissance is the phase of a security assessment where you gather information about a target, such as discovering subdomains, open ports, file paths, and potential vulnerabilities, before attempting to test for weaknesses. reNgine automates much of that information-gathering work through a web-based interface rather than requiring users to manually run and stitch together many separate command-line tools.

The tool is organized around the concept of scan engines, which are configuration profiles written in YAML that define what to scan, which tools to run, how fast to run them, and what to look for. You can create custom engines for different situations or use the pre-built ones that ship with the project. Scans cover subdomain discovery, screenshot capture, endpoint collection, directory fuzzing, and vulnerability detection. Results from all these checks are stored in a database, so you can filter and search through findings using a query language rather than sorting through raw text files.

A continuous monitoring feature lets you schedule recurring scans against the same targets and get notified when new subdomains or changes appear. The interface also connects with bug bounty platforms, specifically HackerOne, so you can import your active programs directly. Reports can be exported as PDFs. The project has been presented at security conferences including Black Hat Arsenal multiple times, which gives some indication of its standing within the security community.

Installation is done through Docker, which packages all the dependencies together, and the README points to a dedicated documentation site for detailed setup steps. The tool is open source under the GPLv3 license. It is aimed at people doing authorized security testing work, not general audiences. Some comfort with Docker and web security concepts is assumed.