ABSpider Recon — Project Overview

Relevant source files

ABSpider Recon is a modern, browser-based reconnaissance dashboard and CLI designed for security professionals, penetration testers, and bug bounty hunters README.md3-4 It provides a unified interface for gathering passive intelligence and performing active vulnerability scanning through a suite of 21+ specialized modules README.md98

System Architecture & Philosophy

The project follows a Zero-Backend philosophy README.md87-91 While it utilizes Supabase for data persistence and authentication, the core logic—including scan orchestration, request management, and reporting—executes entirely within the user's browser or the local Node.js environment README.md102-104

Core Components Hierarchy

The following diagram illustrates how high-level system concepts map to specific code entities within the application.

System Logic to Code Entity Mapping

Sources: src/App.tsx9-25 src/services/scanService.ts27-28 README.md87-92

Technical Stack

Frontend: React + Vite + Tailwind CSS README.md89
State Management: TanStack Query for server state src/App.tsx4-5 React Context for UI state (Theme, Notifications) src/App.tsx6-7
Backend-as-a-Service: Supabase (Auth, PostgreSQL with RLS) README.md103
Reporting: jsPDF and jspdf-autotable for professional PDF generation README.md104
Network: Custom cloudflareBypass and corsProxy logic to handle cross-origin constraints src/services/cloudflareBypass.ts1-7

Key Capabilities

ABSpider Recon consolidates over 20 specialized modules into a single workflow README.md98

Category	Capabilities	Key Code Entities
Intelligence	WHOIS, DNS, GeoIP, Subdomains	`subdomainService`, `dnsService`
Vulnerability	SQLi, XSS, LFI, WordPress	`sqlScanService`, `xssScanService`
Infrastructure	Port scanning, WAF detection	`portService`, `ddosFirewallService`
Automation	Smart Scan levels (0-10)	`SmartScanManager`, `RequestManager`

Subsystem Interactivity

The system bridges the gap between user configuration and external data sources through a managed service layer that handles rate limiting and proxying.

Subsystem Relationship Diagram

Sources: src/App.tsx93-100 src/services/scanService.ts27-28 src/services/cloudflareBypass.ts92-105

The application is divided into a public-facing landing interface and a protected reconnaissance suite.

Public Interface

Landing Page: The primary entry point (LandingPage.tsx) featuring feature highlights and live platform statistics src/App.tsx10-78
Status Page: Real-time health monitoring of database connections, auth services, and external APIs src/App.tsx11-79
For details, see Landing Page & Public Interface.

Authenticated Workspace

Once authenticated via ModernLogin.tsx src/App.tsx12-81 users access the main application. Navigation is managed by the AppSidebar, which provides persistent access to:

Dashboard: High-level overview of activity and success rates src/pages/DashboardPage.tsx19 src/components/AppSidebar.tsx59
New Scan: Configuration interface for 30+ scan parameters src/pages/NewScan.tsx14
All Scans & Reports: Historical data management and export triggers src/pages/AllScans.tsx18 src/pages/ReportsPage.tsx20

Safety and Persistence

The application includes guards to protect active work. The App.tsx component implements a beforeunload listener that warns users if they attempt to close the browser while a scan is running src/App.tsx52-58 Furthermore, cleanupStuckScans is invoked upon session initialization to ensure the database remains consistent after unexpected disconnects src/App.tsx44-49

For details on setting up the environment and database, see Getting Started & Configuration.

Sources: src/App.tsx40-66 src/components/AppSidebar.tsx58-64 src/main.tsx1-4