Built for bug bounty hunters · CTF players · pentesters · security researchers

---

◈   About

RYN27 is a free, open-source CLI tool for OSINT and information gathering, built with a premium terminal UI powered by Rich. It bundles 19 recon modules into a single interactive menu — no config files, no API keys required for most features, no bloat.

The tool was designed to be fast to launch and easy to use — type a domain or IP, pick a number, get results. Everything from WHOIS to SSL certificate inspection to threaded port scanning runs from the same interface, with clean formatted output that's easy to read and share.

Language	Python 3.9+
Architecture	Modular — modules/ structure, easy to extend
UI	Rich — panels, tables, progress bars, truecolor themes
Platform	Linux · macOS · Windows · Android (Termux)
Dependencies	Auto-installed on first run
License	MIT

---

✦   PREVIEW   ✦

---

✦   GIVE IT A STAR   ✦

If RYN27 has ever helped your recon, your bounty, or your learning — a ⭐ star is the best way to say thank you.

It takes 2 seconds. It means everything. 🙏

---

◈   Features

🌐 Web Recon

#	Feature	What You Get
01	Website Information	Status code, response time, server fingerprint, page title, cookies, redirect chain, security header snapshot
02	HTTP Security Audit	Deep audit of 10 critical headers — HSTS, CSP, X-Frame-Options, COOP, CORP, COEP — with a visual 0–100% security score
03	Technology Detection	Full stack fingerprint via builtwith + header analysis — CMS, framework, CDN, analytics, caching layer
04	Metadata Crawler	All <meta> tags, Open Graph (og:), Twitter Card, <link> tags, and external script inventory
05	Robots & Sitemap	Reads and parses /robots.txt, /sitemap.xml, /sitemap_index.xml
06	Email / Contact Harvest	Extracts email addresses, phone numbers, and social media links (FB, IG, LinkedIn, GitHub, Telegram…)
07	Full Website Recon	Combo: Website Info + HTTP Audit + Tech Detection — complete first-look recon in one pass

🔗 DNS / Network

#	Feature	What You Get
08	DNS Records (Full)	A, AAAA, MX, NS, TXT, CNAME, SOA, SRV, CAA — every record type in one query
09	Domain WHOIS	Registrar, creation & expiry dates with live countdown, registrant org/country, name servers
10	Subdomain Enumeration	DNS brute-force with ~100 curated wordlist, 40 concurrent threads — fast and dependency-free
11	DNS Zone Transfer	AXFR attempt against all nameservers — catches misconfigured DNS servers
12	Shared DNS Lookup	Discover domains sharing the same nameserver via HackerTarget API
13	Forward DNS	A, AAAA, MX, NS, TXT, CNAME, SOA lookup

🖥️ IP / Host

#	Feature	What You Get
14	IP Geolocation	Country (flag 🏳️), region, city, ISP, AS number, proxy/VPN detection, Google Maps link
15	Port Scan (Threaded)	28 common ports · 30 worker threads · 1.2s timeout · HTTP banner grabbing per open port
16	Reverse IP Lookup	All domains co-hosted on the same IP address
17	Forward IP Lookup	Domain → IPv4 (A record) resolution
18	Reverse DNS Lookup	PTR record — IP address → hostname

🔒 SSL / TLS

#	Feature	What You Get
19	SSL/TLS Certificate	Validity dates with expiry countdown, issuer chain, Subject Alt Names, cipher suite, protocol version

📚 Built-in Extras

#	Feature	What You Get
20	Tutorial / Usage Guide	Full in-terminal guide — installation, feature reference, tips & best practices, real-world examples
21	About RYN27	Tool info, dependencies, changelog, disclaimer, contact & donate links

---

◈   Installation

Linux / macOS

git clone https://github.com/ruyynn/RYN27.git
cd RYN27
python3 RYN27.py

Windows

git clone https://github.com/ruyynn/RYN27.git
cd RYN27
python RYN27.py

Termux (Android)

pkg update && pkg upgrade
pkg install python git
git clone https://github.com/ruyynn/RYN27.git
cd RYN27
python RYN27.py

Manual pip install

pip install requests rich python-whois dnspython builtwith beautifulsoup4 cryptography
python RYN27.py

All dependencies install automatically on first run. Manual install is only needed if auto-install fails.

---

◈   Quick Start

python3 RYN27.py

Pick a number and go:

[7]   Full Website Recon      →  example.com
[10]  Subdomain Enumeration   →  example.com
[15]  Port Scan               →  192.168.1.1  or  example.com
[19]  SSL/TLS Certificate     →  example.com
[9]   Domain WHOIS            →  example.com
[14]  IP Geolocation          →  8.8.8.8
[2]   HTTP Security Audit     →  example.com
[6]   Email Harvest           →  example.com

Recommended bug bounty recon chain:

[9] WHOIS  →  [8] DNS Records  →  [10] Subdomains  →  [7] Full Recon  →  [19] SSL  →  [2] Security Audit

---

◈   Project Structure

RYN27/
│
├── RYN27.py                ← Entry point — run this
│
└── modules/
    ├── __init__.py         ← Package init
    ├── theme.py            ← Cross-platform color detection & Rich theme engine
    ├── utils.py            ← Shared helpers — clean_domain, spinner, print_result…
    ├── logo.py             ← ASCII logo (Indonesian flag gradient 🇮🇩) + star art
    ├── web_recon.py        ← Features  1–7   (web recon)
    ├── dns_tools.py        ← Features  8–13  (DNS & WHOIS)
    ├── ip_tools.py         ← Features 14–19  (IP, port scan, SSL)
    └── menu.py             ← Menu · Tutorial · About

---

◈   Disclaimer

RYN27 is built ONLY for educational purposes and LEGAL security testing.

✅ ALLOWED:
   • Your own servers and websites
   • Targets with explicit written permission from the owner
   • Lab environments, CTF challenges, official bug bounty platforms

❌ PROHIBITED:
   • Other people's servers / websites without permission
   • Government and military infrastructure
   • Any public or commercial service without consent

The user is solely responsible for how this tool is used.
The developer holds no liability for any misuse or damage caused.
Violations may result in legal consequences under applicable cybercrime laws.

---

◈   Changelog

v1.8.0 — Current

• 🏗️ Modular architecture — clean modules/ structure, easy to extend
• ✨ 7 new features — HTTP Security Audit, Subdomain Enum, SSL/TLS Inspector, Robots & Sitemap, Email Harvester, Full Website Recon, Forward DNS (full)
• ⚡ Port scan — threaded (30 workers), banner grabbing, 28 ports (was 21)
• 🌍 IP Geolocation — proxy/VPN detection, flag emoji, Google Maps link
• 📋 WHOIS — expiry countdown (expired / expiring soon / safe), updated date
• 📖 In-terminal Tutorial, About page added as menu options
• 🎨 Improved color support — truecolor / 256 / basic / none degradation

v1.0.0 — Initial Release

• First release — WHOIS, DNS, IP geolocation, port scan, tech detection, reverse/forward IP & DNS, zone transfer, metadata crawler

---

◈   Contributing

RYN27 grows through community contributions. All forms are welcome.

# 1. Fork the repo
# 2. Create your branch
git checkout -b feature/amazing-feature

# 3. Commit your changes
git commit -m "Add amazing feature"

# 4. Push and open a PR
git push origin feature/amazing-feature

Or simply:

• 🐛 Report a bug
• 💡 Request a feature
• ⭐ Drop a star — it genuinely helps

---

◈   Contact

Got questions, ideas, or just want to talk security?

---

◈   Support the Project

If RYN27 has helped your work or learning, consider buying me a coffee. Every bit of support keeps this free and maintained. 🙏

---

Star History