https://github.com/snailsploit/snailsploit_recon_extension

Shipped a lightweight Chrome MV3 tool for instant recon: SnailSploit Recon Extension. It surfaces security headers, IP intel (DoH/rDNS/RDAP), Shodan InternetDB (ports/CPEs), CPE→CVE enrichment, passive+live subdomains, a pragmatic secrets scanner, and tech fingerprints — all without API keys (VT is optional).
https://github.com/snailsploit/snailsploit_recon_extension

automation extension pt recon

Last synced: 10 months ago
JSON representation

Shipped a lightweight Chrome MV3 tool for instant recon: SnailSploit Recon Extension. It surfaces security headers, IP intel (DoH/rDNS/RDAP), Shodan InternetDB (ports/CPEs), CPE→CVE enrichment, passive+live subdomains, a pragmatic secrets scanner, and tech fingerprints — all without API keys (VT is optional).

• Host: GitHub
• URL: https://github.com/snailsploit/snailsploit_recon_extension
• Owner: SnailSploit
• License: mit
• Created: 2025-08-10T05:37:10.000Z (10 months ago)
• Default Branch: main
• Last Pushed: 2025-08-10T05:46:16.000Z (10 months ago)
• Last Synced: 2025-08-10T07:17:32.084Z (10 months ago)
• Topics: automation, extension, pt, recon
• Language: JavaScript
• Homepage: https://snailsploit.com
• Size: 32.2 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# SnailSploit Recon Extension

**SnailSploit Recon** is a Chrome MV3 extension for instant recon the moment you land on a site. It paints fast and then streams results as they arrive.

## Features

- **Security headers** with layered fallback (webRequest → HEAD → tiny GET).

- **IP intel** (DoH A/AAAA, rDNS, RDAP, IP whois fallback ipwho.is→ipapi.co).

- **Shodan InternetDB** (no key) for ports/CPEs, plus **CPE→CVE enrichment** (CIRCL → NVD).

- **Subdomains** from crt.sh + BufferOver + Anubis, live-resolved (A/AAAA).

- **Secrets scanner** (inline + ≤12 external + main HTML + .map) with pragmatic regexes.

- **Tech fingerprints** (headers/meta/DOM hints + favicon mmh3).

- Optional **VirusTotal** subdomain enrichment (provide API key in Options).

## Install (developer mode)

1. Download the ZIP from Releases or build locally.

2. Unzip → `chrome://extensions` → enable **Developer mode** → **Load unpacked** → select the folder.

3. (Optional) Open the Options page and paste your VT API key.

## Notes

- No `chrome.dns` required; works on Stable channel.

- Network calls are short-timeout & capped for performance.

- For security research & recon. Respect target policies and laws.

**Built with ❤️ for the SnailSploit red team community.**