Why I Want a Dedicated Recon Node

As a bug bounty hunter, I don’t want to run everything from my laptop. A VPS can be:

  • a stable, always-on recon box,
  • a place to run scans over time,
  • a jump host for tools that need stable IPs.

Since I already have a VPS with Vault and proper PKI, I want to integrate recon into the same platform.

What I Want to Run There

Typical recon tasks:

  • subdomain discovery,
  • HTTP probing,
  • directory/file brute forcing,
  • simple automation around known wordlists and tool chains.

These can run:

  • under a dedicated Unix user (e.g. bbuser),
  • in rootless Podman containers,
  • behind a VPN or proxy if needed.

How It Connects to the Rest

I don’t need recon tools to talk directly to Vault, but:

  • I could store API keys (for platforms, tools) in Vault,
  • use Vault Agent to inject them into recon containers,
  • log recon jobs into my logging stack.

This way, my VPS becomes not just “infra lab”, but also “security research workstation”.