Reconnaissance scanning tools typically depend on external packet capture libraries or complex setups to gather network information. Reconya takes a different approach by implementing a multi-layered network reconnaissance tool entirely in Go, without external dependencies, tackling device discovery, MAC resolution, port scanning, and device fingerprinting in a single package.
What reconya is and how it works
Reconya is a comprehensive network reconnaissance tool written in Go that targets both IPv4 and IPv6 networks. It performs device discovery, MAC address resolution, port scanning, and device fingerprinting. Unlike many tools which rely on libpcap or third-party libraries for packet capture, Reconya implements all its scanning techniques natively in Go.
The architecture is centered around a multi-layered scanning approach combining ICMP ping sweeps, TCP connect probes, and ARP table lookups. This layered methodology helps increase the accuracy and completeness of network discovery, especially in complex network environments.
The tool also includes a web dashboard built with HTMX and vanilla JavaScript, providing a lightweight and responsive user interface without heavy frontend frameworks. Data persistence is handled via SQLite, which keeps the footprint small and the setup simple.
Reconya supports both active and passive monitoring modes for IPv6, with passive monitoring relying on neighbor discovery protocols to detect devices without generating active traffic.
One notable architectural decision is the avoidance of external dependencies. This means the entire scanning engine is implemented with Go’s standard library and some low-level networking code, which helps keep the binary portable and easy to deploy.
The multi-layered scanning strategy and its tradeoffs
What distinguishes Reconya is the multi-pronged scanning approach that combines ICMP ping sweeps, TCP connect probes, and ARP table lookups, all implemented without external packet capture libraries. This design balances thoroughness and practical deployment concerns.
ICMP ping sweeps: Used for quick alive detection across IP ranges. ICMP is common for pinging devices but can be blocked by firewalls, so it’s not always reliable alone.
TCP connect probes: These establish TCP connections on common ports to detect live hosts that may not respond to ICMP. This complements ICMP sweeps by finding devices with stricter firewall rules.
ARP table lookups: Used mainly for MAC address resolution on local networks. By reading the ARP cache, Reconya can fingerprint devices at Layer 2, which is crucial for accurate device identification.
This layered approach is effective but comes with tradeoffs. It requires elevated privileges for some operations (e.g., ARP lookups and raw ICMP packets), which may impact deployment in restricted environments.
Another tradeoff is the Docker support status. Docker’s network architecture limits access to Layer 2 information like MAC addresses across network segments. Despite initial support, the maintainers moved Docker deployment to experimental status due to these fundamental limitations. This is a pragmatic acknowledgment that containerized environments often cannot provide the full scanning capabilities needed for accurate device fingerprinting.
The code quality reflects these tradeoffs with clear separation of scanning layers and a modular design that could be extended for other protocols or scanning techniques.
Quick start
Important Notice: Docker Implementation Status
⚠️ Docker networking has been moved to experimental status due to fundamental limitations.
The fundamental limitation is Docker’s network architecture. Even with comprehensive MAC discovery methods, privileged mode, and enhanced capabilities, Docker containers cannot reliably access Layer 2 (MAC address) information across different network segments.
For full functionality, including complete MAC address discovery, please use the local installation method below.
Docker files have been moved to the experimental/ directory for those who want to experiment with containerized deployment, but local installation is the recommended approach.
Quick Install (Pre-built Binary)
Download and set up reconYa with a single command:
curl -sL https://raw.githubusercontent.com/Dyneteq/reconya/master/install.sh | sh
This auto-detects your OS and architecture, downloads the correct binary, and sets up the config.
Available platforms: Linux (x86_64, ARM64), macOS (Intel, Apple Silicon)
After installing, start reconYa:
cd reconya && sudo ./reconya-*
Then open your browser to: http://localhost:3008
Default login: admin / password
One-Command Installation
git clone https://github.com/Dyneteq/reconya.git
cd reconya
make install
This will:
- Download Go dependencies
- Create default
.envconfiguration file
After installation, use these commands:
make start # Start reconYa as daemon
make start-dev # Start in foreground (dev mode)
make stop # Stop reconYa
make status # Check service status
make logs # View logs
make help # Show all commands
Then open your browser to: http://localhost:3008
Default login: admin / password
Verdict
Reconya is a solid option for network engineers and developers looking for a pure Go network reconnaissance tool that avoids external dependencies and provides layered scanning capabilities. Its multi-strategy scanning approach increases the accuracy of device discovery and fingerprinting, especially in local networks.
However, the tool’s reliance on privileged network access and its experimental Docker status mean it’s best suited for local or on-premise deployments where full Layer 2 visibility is available.
The web dashboard is lightweight and effective, though users should expect basic functionality rather than a full-featured commercial UI.
If you need a straightforward, portable, and native Go network scanner with honest engineering tradeoffs and a modern minimal web UI, Reconya is worth evaluating. Just keep in mind the limitations around containerization and network privileges when planning deployment.
Related Articles
- docker_practice: a comprehensive open-source Docker learning book with containerized local reading — docker_practice offers a systematic Docker learning book with basics, advanced topics, and practical tooling. It uses Do
- Traefik: dynamic reverse proxy and load balancer for microservices — Traefik is a Go-based reverse proxy and load balancer that automatically configures routes by integrating with orchestra
- Exploring the Awesome-Selfhosted repository: a gateway to digital independence — A deep dive into the Awesome-Selfhosted repo, a community-curated list of free software for self-hosting network service
- Dokploy: a self-hosted PaaS combining Docker Compose and Swarm for scalable deployments — Dokploy is a self-hosted PaaS that streamlines app and database deployments using Docker Compose and Swarm for multi-nod
- Colmena: A stateless, Rust-based deployment tool for NixOS with Nix Flakes support — Colmena is a lightweight Rust tool for stateless, parallel NixOS deployments using Nix Flakes. It wraps core Nix command
→ GitHub Repo: Dyneteq/reconya ⭐ 1,313 · Go