Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/edoardottt/favirecon

Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
https://github.com/edoardottt/favirecon

bug-bounty bugbounty favicon favicon-hash favicon-icon golang hacking infosec offensive-security penetration-test penetration-testing pentest pentest-tool pentesting pentesting-tools recon reconnaissance security security-tools

Last synced: 8 days ago
JSON representation

Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.

Awesome Lists containing this project

README 

        


  favirecon

  





Use favicon.ico to improve your target recon phase



 Coded with 💙 by edoardottt 






  

      go action

  



  

      go report card

  






  

  Share on Twitter!

  






  Install
  Get Started
  Examples
  Changelog
  Contributing
  License






  



  

> **Note**

> This tool heavily relies on its favicon hash database. If you think you have a new favicon hash that's worth adding or you think there is a wrong hash-service association please open an issue.  



Install 📡

----------



### Homebrew



```console

brew install favirecon

```



### Snap



```console

sudo snap install favirecon

```



### Go



```console

go install github.com/edoardottt/favirecon/cmd/favirecon@latest

```



Get Started 🎉

----------



```console

Usage:

  favirecon [flags]



Flags:

INPUT:

   -u, -url string   Input domain

   -l, -list string  File containing input domains

   -cidr             Interpret input as CIDR



CONFIGURATIONS:

   -hash string[]        Filter results having these favicon hashes (comma separated)

   -c, -concurrency int  Concurrency level (default 50)

   -t, -timeout int      Connection timeout in seconds (default 10)

   -rl, -rate-limit int  Set a rate limit (per second)

   -px, -proxy string    Set a proxy server (URL)



OUTPUT:

   -o, -output string  File to write output results

   -v, -verbose        Verbose output

   -s, -silent         Silent output. Print only results

   -j, -json           JSON output

```



Examples 💡

----------



Identify a single domain



```console

favirecon -u https://www.github.com

```



```console

echo https://www.github.com | favirecon

```



Grab all possible results from a list of domains (protocols needed!)



```console

favirecon -l targets.txt

```



```console

cat targets.txt | favirecon

```



Grab all possible results belonging to a specific target(s) (protocols needed!)



```console

cat targets.txt | favirecon -hash 708578229

```



Grab all possible results from single CIDR



```console

favirecon -u 192.168.1.0/24 -cidr

```



Use a Proxy



```console

favirecon -u https://www.github.com -px http://127.0.0.1:8080

```



JSON Output



```console

favirecon -u https://www.github.com -j

```



Changelog 📌

-------



Detailed changes for each release are documented in the [release notes](https://github.com/edoardottt/favirecon/releases).



Contributing 🛠

-------



Just open an [issue](https://github.com/edoardottt/favirecon/issues) / [pull request](https://github.com/edoardottt/favirecon/pulls).



Before opening a pull request, download [golangci-lint](https://golangci-lint.run/usage/install/) and run



```console

golangci-lint run

```



If there aren't errors, go ahead :)



In the news 📰

-------



- [Hive Five Newsletter by Securibee](https://securib.ee/newsletter/)

  

License 📝

-------



This repository is under [MIT License](https://github.com/edoardottt/favirecon/blob/main/LICENSE).  

[edoardoottavianelli.it](https://www.edoardoottavianelli.it) to contact me.