ENNAENNA

reNgine

GPL-3.0

๐Ÿ•ธ Web Scanning ยท Python

reNgine is an automated web application reconnaissance framework that combines multiple scanning engines into a single, correlated workflow with a web-based dashboard. It orchestrates subdomain enumeration (Subfinder, Amass), port scanning (Naabu), HTTP probing (httpx), screenshot capture (Aquatone), directory brute-forcing (ffuf), vulnerability scanning (Nuclei), and JavaScript analysis into configurable scan pipelines. What sets reNgine apart from simple tool wrappers is its correlation engine โ€” it cross-references findings across all scan stages, deduplicates results, and presents a unified view of the target's attack surface. The platform supports scheduled scans for continuous monitoring, custom scan engine configurations, and Slack/Discord notifications for new findings. With over 8,500 GitHub stars, reNgine has become a popular choice for bug bounty hunters and security teams who want automated recon without building their own pipeline infrastructure.

8.6kstars
1.3kforks
160issues
Updated 2mo ago
+I use this
๐Ÿณ Docker Ready
View on GitHubOfficial Website

Installation

$ docker compose up -d

Use Cases

  • Continuous web application reconnaissance
  • Automated vulnerability discovery for bug bounties
  • Attack surface monitoring with scheduled scans

Tags

reconautomationcontinuous-monitoringbug-bountybugbountyhackinginformation-gatheringinfosecosintpenetration-testingpentestingrecon-enginereconnaissancerenginescannerscanner-webscanningsecurity-tools

Details

Category
๐Ÿ•ธ Web Scanning
Language
Python
License
GPL-3.0
Platforms
๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows

Links

GitHub Repository

github.com/yogeshojha/rengine

Official Website

yogeshojha.github.io/rengine

Releases

github.com/yogeshojha/rengine/releases

Issues

github.com/yogeshojha/rengine/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

Shannon

TypeScript

Autonomous AI pentester for web apps and APIs. Analyzes source code, identifies attack vectors, and executes real exploits to prove vulnerabilities.

Compare reNgine vs Shannon

HexStrike AI

Python

MCP server giving AI agents access to 150+ cybersecurity tools for automated pentesting, vulnerability discovery, and bug bounty automation.

Compare reNgine vs HexStrike AI

More in Web Scanning

httpx

Go

Fast multi-purpose HTTP toolkit. Probes for running HTTP servers with retries and fallbacks.

http-probetech-detectionprojectdiscovery

Nikto

Perl

Classic web server scanner. Tests for dangerous files, outdated server software, and version-specific problems.

web-serverclassiccgi-scan

Gobuster

Go

Directory/file, DNS, and vhost busting tool. Brute-forces URIs, DNS subdomains, virtual host names, and S3 buckets.

directory-brutedns-brutevhost

Feroxbuster

Rust

Fast, recursive content discovery tool written in Rust. Like gobuster on steroids with auto-recursion.

directory-bruterecursiverust

Burp Suite Community

Java

Web vulnerability scanner and proxy. Intercept, modify, and replay HTTP/S traffic for web app testing.

proxyweb-appinterceptor

ffuf

Go

Fast web fuzzer written in Go. Fuzz anything - URLs, headers, POST data - with blazing speed.

fuzzingdirectory-brutefast