The companion server isn't running or isn't reachable on localhost:31337. Make sure you've started it:
cd netrecon/ npm install node companion-server.js
The server must stay running in your terminal while you use NetRecon. If you close the terminal window, you'll need to start it again.
Nmap must be installed separately on your system. The companion server calls your system's nmap binary.
- Linux:
sudo apt install nmaporsudo yum install nmap - macOS:
brew install nmap - Windows: Download the installer from nmap.org
After installing, restart the companion server.
SYN scanning requires raw socket access, which needs root or Administrator privileges. Start the companion server with elevated permissions:
sudo node companion-server.js
On Linux you can also grant nmap the capability directly so you don't need sudo every time:
sudo setcap cap_net_raw+ep $(which nmap)
The ⚡ badge means that tool requires the companion server to be running. Without it, requests will fail.
Tools that only call external APIs (IP Geo, CVE Lookup, Reverse IP) still need the server — all outbound traffic is routed through it to keep the extension's CSP clean. There's no way to use those tools without the server running.
No — by design. The server binds to 127.0.0.1 only and the extension is hardcoded to connect to localhost:31337. This prevents the server from being accidentally exposed to the network.
If you need to scan from a remote host, SSH into it and run the companion server there, then set up an SSH tunnel:
ssh -L 31337:127.0.0.1:31337 user@remote-host
Yes. Edit companion-server.js and change the PORT constant near the top of the file. You'll also need to update lib/agent-client.js in the extension to match — the URL is defined at the top of that file.
After changing both files, reload the extension from chrome://extensions and restart the server.
No. The extension only connects to localhost:31337. No analytics, no telemetry, no external connections from the extension itself.
Some tools route requests through the companion server to external APIs (NVD for CVEs, ipapi.co for geolocation, crt.sh for subdomains, HackerTarget for reverse IP). Those requests include only the target you entered — nothing about you, your browser, or your system. See the Privacy Policy for the full breakdown.
NetRecon saves history to chrome.storage.local. If history disappears after a restart:
- Check that you didn't clear browser data ("Cookies and other site data" or "Hosted app data" wipes extension storage)
- Make sure the extension is still enabled at
chrome://extensions - History is capped at 300 entries — older entries are dropped automatically when you hit the limit
Use the History tab's Export All button to save a JSON backup of all your scans.
The SSL Inspector connects directly to port 443 on the target using Node.js's tls.connect(). "Connection refused" means either:
- The target isn't listening on port 443
- A firewall is blocking the connection from your machine
- The hostname doesn't resolve
Try the DNS Recon tool first to verify the hostname resolves correctly.
NetRecon is a tool — legality depends entirely on how you use it. Only scan systems you own or have explicit written authorization to test. Unauthorized scanning, enumeration, or exploitation is illegal in most jurisdictions under computer fraud and unauthorized access laws.
NetRecon is intended for: authorized penetration testing, CTF challenges, security research on your own infrastructure, and educational use in lab environments you control.