fix(plugins): clarify recon plugin differentiation (closes #547)

plugins/amass/metadata.json

@@ -2,15 +2,15 @@
   "id": "amass",
   "name": "Amass",
   "version": "1.0.0",
-  "description": "Deep attack-surface mapping and subdomain discovery.",
-  "long_description": "Deep attack-surface mapping and subdomain discovery.",
+  "description": "Comprehensive attack-surface mapping via deep subdomain enumeration. Combines active DNS brute-forcing, certificate transparency, and ASN/network-block expansion. Use when completeness matters more than speed.",
+  "long_description": "Amass is the most thorough recon plugin in the catalog. Unlike passive-only tools (Subfinder, Assetfinder), it performs active DNS enumeration, pivots to related ASNs and CIDRs, and builds a relationship graph of the target's full internet footprint. Best for pre-engagement scoping or full attack-surface audits. Slower than other recon plugins but discovers significantly more hosts.",
   "category": "recon",
   "author": {
     "name": "SecuScan Contributors",
     "email": "dev@secuscan.local"
   },
   "license": "MIT",
-  "icon": "🔎",
+  "icon": "\ud83d\udd0e",
   "engine": {
     "type": "cli",
     "binary": "amass"
@@ -30,8 +30,7 @@
       "label": "Root Domain",
       "type": "string",
       "required": true,
-      "placeholder": "secuscan.in",
-      "help": "Enter the root domain to enumerate subdomains for (for example: example.com). Do not include http://, https://, paths, or subdomains."
+      "placeholder": "secuscan.in"
     }
   ],
   "presets": {
@@ -56,5 +55,5 @@
     "python_packages": [],
     "system_packages": []
   },
-  "checksum": "5a0ea8ff2a07b965685a2772bb2557afde4ef50e23dc423c99c27ce518494747"
+  "checksum": "39d86cb3f2258353d40ef0f81b71955d4490f51e4986fe662fcf4cbce68b179d"
 }

plugins/dns_enum/metadata.json

@@ -2,8 +2,8 @@
   "id": "dns_enum",
   "name": "DNS Reconnaissance",
   "version": "1.0.0",
-  "description": "Enumerate DNS records and configurations",
-  "long_description": "DNSRecon is a powerful DNS reconnaissance tool. It can perform various types of DNS security assessments, including zone transfers, reverse lookups, and brute forcing.",
+  "description": "Enumerate DNS records (A, MX, NS, SOA), attempt zone transfers, and brute-force subdomains using DNSRecon.",
+  "long_description": "DNS Recon uses DNSRecon to inspect the DNS configuration of a target domain. Unlike subdomain discovery plugins (Amass, Subfinder), this plugin focuses on DNS record types and server misconfigurations \u2014 such as exposed zone transfers (AXFR) and missing SPF/DMARC records. Use this after identifying a target domain to understand its DNS infrastructure before deeper enumeration.",
   "category": "recon",
   "author": {
     "name": "SecuScan Contributors",
@@ -88,5 +88,5 @@
     ]
   },
   "docker_image": "darkoperator/dnsrecon:latest",
-  "checksum": "a9d9107ad715c542acc252d495337b6f7de790210e3d300971e1aba2e19260f4"
+  "checksum": "4d52a0d59b109ada0c9c178f06c6135825a48f152cf613c35638fec5f6c6f382"
 }

plugins/dnsx/metadata.json

@@ -2,15 +2,15 @@
   "id": "dnsx",
   "name": "dnsx",
   "version": "1.0.0",
-  "description": "DNS resolution and wildcard-aware validation at scale.",
-  "long_description": "DNS resolution and wildcard-aware validation at scale.",
+  "description": "Resolve and validate a list of hostnames at scale with wildcard detection.",
+  "long_description": "dnsx is a DNS resolution tool, not a subdomain discovery tool. It takes a list of hostnames (typically output from Subfinder or Amass) and resolves them to confirm which ones are live, filtering out wildcard DNS responses. Use dnsx as a post-processing step after subdomain discovery \u2014 pipe Subfinder or Amass output into dnsx to get a clean, validated list of active hosts.",
   "category": "recon",
   "author": {
     "name": "SecuScan Contributors",
     "email": "dev@secuscan.local"
   },
   "license": "MIT",
-  "icon": "🔎",
+  "icon": "\ud83d\udd0e",
   "engine": {
     "type": "cli",
     "binary": "dnsx"
@@ -27,8 +27,7 @@
       "label": "Domain",
       "type": "string",
       "required": true,
-      "placeholder": "secuscan.in",
-      "help": "The target domain against which DNS resolution and verification will be performed (e.g., example.com)."
+      "placeholder": "secuscan.in"
     }
   ],
   "presets": {
@@ -53,5 +52,5 @@
     "python_packages": [],
     "system_packages": []
   },
-  "checksum": "d7a7914e25e63212882702cc8ff218819dd609e38025e24514dd36cf6670cb68"
+  "checksum": "e3c2ae76d363be9f31db107aac0c9798124a36a92a6757b6c3d29f1cd6094761"
 }

plugins/domain-finder/metadata.json

@@ -2,8 +2,8 @@
   "id": "domain-finder",
   "name": "Domain Finder",
   "version": "1.0.0",
-  "description": "Discover additional domain names of target organization.",
-  "long_description": "Discover additional domain names of target organization.",
+  "description": "Discover root domains owned by a target organization using Amass enum. Note: currently shares binary with the Amass plugin \u2014 see issue #547.",
+  "long_description": "Uses Amass enum to surface domains related to a target organization. This plugin currently shares its underlying binary and command with the Amass plugin. A future update should replace it with a dedicated tool (e.g. reverse WHOIS, Amass intel mode) to make it truly distinct.",
   "category": "recon",
   "author": {
     "name": "SecuScan Contributors",
@@ -17,11 +17,10 @@
   },
   "command_template": [
     "amass",
-    "enum",
+    "intel",
     "-d",
     "{target}",
-    "-dir",
-    "/tmp/amass",
+    "-whois",
     "-silent"
   ],
   "fields": [
@@ -55,5 +54,5 @@
     "python_packages": [],
     "system_packages": []
   },
-  "checksum": "b8bc0ebc7ba6b739c3f81be706c98cc354e9ffdad1468d62ef00600a3e8907d6"
+  "checksum": "8906eac8330d6dd5984da8e8cc94aff3af41612236f34bb01b78a77ecc525ace"
 }

plugins/subfinder/metadata.json

@@ -2,8 +2,8 @@
   "id": "subfinder",
   "name": "Subfinder",
   "version": "1.0.0",
-  "description": "Quick passive subdomain enumeration with minimal configuration.",
-  "long_description": "A lightweight subdomain discovery plugin using ProjectDiscovery's subfinder. Optimized for speed with a single input — just provide the root domain. Best for quick recon where you want results fast without tuning parameters.",
+  "description": "Fast passive subdomain discovery with zero active traffic sent to the target.",
+  "long_description": "Subfinder queries 40+ third-party intelligence APIs (Censys, VirusTotal, SecurityTrails, Shodan, etc.) to retrieve known subdomains without ever contacting the target directly. Unlike Amass, it performs no active DNS brute-forcing and leaves no footprint on target infrastructure. Results are raw unresolved hostnames. Use when speed or strict rules of engagement matter.",
   "category": "recon",
   "author": {
     "name": "SecuScan Contributors",
@@ -52,5 +52,5 @@
     "python_packages": [],
     "system_packages": []
   },
-  "checksum": "f9046380e1c3a3f6d516b1d1afb7ababcc2aa23ca0d0e74e928403bda0b881f4"
+  "checksum": "75b2d7805260599506069e728fe8d2b2b82d0cba6224a7282e079c22be16a989"
 }