{"id":13581454,"url":"https://github.com/edoardottt/csprecon","last_synced_at":"2025-05-15T23:04:03.977Z","repository":{"id":63440839,"uuid":"567773651","full_name":"edoardottt/csprecon","owner":"edoardottt","description":"Discover new target domains using Content Security Policy ","archived":false,"fork":false,"pushed_at":"2025-05-14T06:27:41.000Z","size":6874,"stargazers_count":428,"open_issues_count":0,"forks_count":49,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-05-14T07:39:53.513Z","etag":null,"topics":["bounty-hunting","bugbounty","bugbounty-tool","content-security-policy","csp","golang","hacking","hacktoberfest","information-retrieval","offensive-security","offensivesecurity","recon","recon-tool","reconnaissance","security","security-tools"],"latest_commit_sha":null,"homepage":"https://edoardottt.com/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/edoardottt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"edoardottt","liberapay":"edoardottt","patreon":"edoardottt","ko_fi":"edoardottt","open_collective":"edoardottt","custom":"https://www.paypal.me/edoardottt"}},"created_at":"2022-11-18T14:45:21.000Z","updated_at":"2025-05-14T06:27:45.000Z","dependencies_parsed_at":"2023-11-07T08:24:59.897Z","dependency_job_id":"b78f0852-4aaa-48b1-bd40-453f00f11d5e","html_url":"https://github.com/edoardottt/csprecon","commit_stats":{"total_commits":314,"total_committers":2,"mean_commits":157.0,"dds":0.3821656050955414,"last_synced_commit":"dfd864b0bfc1e8d4561e6aa6444c39282c502a22"},"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fcsprecon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fcsprecon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fcsprecon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fcsprecon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/edoardottt","download_url":"https://codeload.github.com/edoardottt/csprecon/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254125258,"owners_count":22019009,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bounty-hunting","bugbounty","bugbounty-tool","content-security-policy","csp","golang","hacking","hacktoberfest","information-retrieval","offensive-security","offensivesecurity","recon","recon-tool","reconnaissance","security","security-tools"],"created_at":"2024-08-01T15:02:02.366Z","updated_at":"2025-05-15T23:04:03.944Z","avatar_url":"https://github.com/edoardottt.png","language":"Go","funding_links":["https://github.com/sponsors/edoardottt","https://liberapay.com/edoardottt","https://patreon.com/edoardottt","https://ko-fi.com/edoardottt","https://opencollective.com/edoardottt","https://www.paypal.me/edoardottt"],"categories":["Go","Miscellaneous","Weapons","信息搜集"],"sub_categories":["Uncategorized","Tools"],"readme":"\u003ch1 align=\"center\"\u003e\n  csprecon\n  \u003cbr\u003e\n\u003c/h1\u003e\n\n\u003ch4 align=\"center\"\u003eDiscover new target domains using Content Security Policy\u003c/h4\u003e\n\n\u003ch6 align=\"center\"\u003e Coded with 💙 by edoardottt \u003c/h6\u003e\n\n\u003cp align=\"center\"\u003e\n\n  \u003ca href=\"https://github.com/edoardottt/csprecon/actions\"\u003e\n      \u003cimg src=\"https://github.com/edoardottt/csprecon/actions/workflows/go.yml/badge.svg\" alt=\"go action\"\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://goreportcard.com/report/github.com/edoardottt/csprecon\"\u003e\n      \u003cimg src=\"https://goreportcard.com/badge/github.com/edoardottt/csprecon\" alt=\"go report card\"\u003e\n  \u003c/a\u003e\n\n\u003cbr\u003e\n  \u003c!--Tweet button--\u003e\n  \u003ca href=\"https://twitter.com/intent/tweet?text=csprecon%20-%20Reconnaissance%20tool%20based%20on%20Content%20Security%20Policy%20https%3A%2F%2Fgithub.com%2Fedoardottt%2Fcsprecon%20%23golang%20%23github%20%23linux%20%23infosec%20%23bugbounty\" target=\"_blank\"\u003eShare on Twitter!\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"#install-\"\u003eInstall\u003c/a\u003e •\n  \u003ca href=\"#get-started-\"\u003eGet Started\u003c/a\u003e •\n  \u003ca href=\"#examples-\"\u003eExamples\u003c/a\u003e •\n  \u003ca href=\"#changelog-\"\u003eChangelog\u003c/a\u003e •\n  \u003ca href=\"#contributing-\"\u003eContributing\u003c/a\u003e •\n  \u003ca href=\"#license-\"\u003eLicense\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/edoardottt/images/blob/main/csprecon/csprecon.gif\"\u003e\n\u003c/p\u003e\n  \nInstall 📡\n----------\n\n### Homebrew\n\n```console\nbrew install csprecon\n```\n\n### Snap\n\n```console\nsudo snap install csprecon\n```\n\n### Go\n\n```console\ngo install github.com/edoardottt/csprecon/cmd/csprecon@latest\n```\n\nGet Started 🎉\n----------\n\n```console\nUsage:\n  csprecon [flags]\n\nFlags:\nINPUT:\n   -u, -url string   Input domain\n   -l, -list string  File containing input domains\n   -cidr             Interpret input as CIDR\n\nCONFIGURATIONS:\n   -d, -domain string[]  Filter results belonging to these domains (comma separated)\n   -c, -concurrency int  Concurrency level (default 50)\n   -t, -timeout int      Connection timeout in seconds (default 10)\n   -rl, -rate-limit int  Set a rate limit (per second)\n   -px, -proxy string    Set a proxy server (URL)\n\nOUTPUT:\n   -o, -output string  File to write output results\n   -v, -verbose        Verbose output\n   -s, -silent         Silent output. Print only results\n   -j, -json           JSON output\n```\n\nExamples 💡\n----------\n\nGrab all possible results from single domain\n\n```bash\ncsprecon -u https://www.github.com\n```\n\n```bash\necho https://www.github.com | csprecon\n```\n\nGrab all possible results from a list of domains (protocols needed!)\n\n```bash\ncsprecon -l targets.txt\n```\n\n```bash\ncat targets.txt | csprecon\n```\n\nGrab all possible results belonging to specific target(s) from a list of domains (protocols needed!)\n\n```bash\ncat targets.txt | csprecon -d google.com\n```\n\nGrab all possible results from single CIDR\n\n```bash\ncsprecon -u 192.168.1.0/24 -cidr\n```\n\nSet a rate limit of 10 requests per second\n\n```bash\ncat targets.txt | csprecon -rl 10\n```\n\nJSON Output\n\n```bash\ncat targets.txt | csprecon -j\n```\n\nUse a Proxy\n\n```bash\ncat targets.txt | csprecon -px http://127.0.0.1:8080\n```\n\nChangelog 📌\n-------\n\nDetailed changes for each release are documented in the [release notes](https://github.com/edoardottt/csprecon/releases).\n\nContributing 🛠\n-------\n\nJust open an [issue](https://github.com/edoardottt/csprecon/issues) / [pull request](https://github.com/edoardottt/csprecon/pulls).\n\nBefore opening a pull request, download [golangci-lint](https://golangci-lint.run/usage/install/) and run\n\n```bash\ngolangci-lint run\n```\n\nIf there aren't errors, go ahead :)\n\nIn the news 📰\n-------\n\n- [Hive Five Newsletter by Securibee](https://securib.ee/newsletter/)\n- [Trickest](https://twitter.com/trick3st/status/1788877498731696256)\n- [Critical Thinking - Bug Bounty Podcast](https://blog.criticalthinkingpodcast.io/p/jason-haddix-returns)\n\nLicense 📝\n-------\n\nThis repository is under [MIT License](https://github.com/edoardottt/csprecon/blob/main/LICENSE).  \n[edoardottt.com](https://edoardottt.com/) to contact me.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedoardottt%2Fcsprecon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fedoardottt%2Fcsprecon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedoardottt%2Fcsprecon/lists"}