Smart Recon is a discovery scan that runs as soon as you add a target to the Intruder platform. It's primary purpose is to let you (and the scanner) know whether a target is exposed to the internet or not. The fact that it happens within seconds of being added to the platform is just a bonus!

How does it work?

When you first add a target, it'll pop up on your targets page like this:

After 30 seconds (or a page refresh), it should update to look like one of these:

👆 this means that Smart Recon detected at least one open port or service; and/or the target responded to ping. As a result, the target was deemed Active and marked with a green dot.

👆 this means that Smart Recon didn't detect any open ports or services and it didn't respond to ping. As a result, the target was deemed Unresponsive and marked with a grey dot. (Advice for troubleshooting unresponsive external targets and advice for troubleshooting unresponsive, internal targets can be found in our Help Centre).

How does Smart Recon help me?

Good question! Smart Recon tells the scanner which targets need to be checked for vulnerabilities and therefore which targets should consume licenses.
[Spoiler alert: It's the active ones!]

  • If smart recon marked a target as active and it's included in a vulnerability scan, it will be assigned a license and checked for vulnerabilities

  • If smart recon marked a target as unresponsive and it's included in a vulnerability scan, a license isn't assigned and the target isn't checked for vulnerabilities.

Since only active targets consume licenses, you'll only ever pay to scan the targets that could actually pose a risk if they were to be exploited. After all, there's no point in paying to scan a target that isn't exposed to the internet as there wouldn't be anything to scan and therefore no vulnerabilities to report!

Did this answer your question?