favirecon

favirecon

210 Stars

Use favicons to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.

edoardottt
Bug-bounty
May 31, 2025
210 stars
View on GitHub
Share on:
X LinkedIn Facebook WhatsApp Telegram Reddit Email
Category
Bug-bounty
GitHub Stars
210
Project Added On
May 31, 2025
Contributors
10

README.md

View on GitHub

favirecon

Use favicons to improve your target recon phase

Coded with 💙 by edoardottt

go action go report card
Share on Twitter!

InstallGet StartedExamplesChangelogContributingLicense

Note
This tool heavily relies on its favicon hash database. If you think you have a new favicon hash that’s worth adding or you think there is a wrong hash-service association please open an issue.

Install 📡

Homebrew

brew install favirecon

Snap

sudo snap install favirecon

Go

go install github.com/edoardottt/favirecon/cmd/favirecon@latest

Get Started 🎉 

Usage:
  favirecon [flags]

Flags:
INPUT:
   -u, -url string   Input domain
   -l, -list string  File containing input domains
   -cidr             Interpret input as CIDR

CONFIGURATIONS:
   -hash string[]        Filter results having these favicon hashes (comma separated)
   -c, -concurrency int  Concurrency level (default 50)
   -t, -timeout int      Connection timeout in seconds (default 10)
   -rl, -rate-limit int  Set a rate limit (per second)
   -px, -proxy string    Set a proxy server (URL)

OUTPUT:
   -o, -output string  File to write output results
   -v, -verbose        Verbose output
   -s, -silent         Silent output. Print only results
   -j, -json           JSON output

Examples 💡

Identify a single domain

favirecon -u https://www.github.com

echo https://www.github.com | favirecon

Grab all possible results from a list of domains (protocols needed!)

favirecon -l targets.txt

cat targets.txt | favirecon

Grab all possible results belonging to a specific target(s) (protocols needed!)

cat targets.txt | favirecon -hash 708578229

Grab all possible results from single CIDR

favirecon -u 192.168.1.0/24 -cidr

Use a Proxy

favirecon -u https://www.github.com -px http://127.0.0.1:8080

JSON Output

favirecon -u https://www.github.com -j

Changelog 📌

Detailed changes for each release are documented in the release notes.

Contributing 🛠

Just open an issue / pull request.

Before opening a pull request, download golangci-lint and run

golangci-lint run

If there aren’t errors, go ahead :)

In the news 📰

License 📝

This repository is under MIT License.
edoardottt.com to contact me.

Tool Information

Author

edoardottt

Project Added On

May 31, 2025

License

Open Source

Tags

bug-bounty bugbounty favicon favicon-hash favicon-icon golang hacking hacktoberfest infosec offensive-security penetration-test penetration-testing pentest pentest-tool pentesting pentesting-tools recon reconnaissance security security-tools
View on GitHub

Related Tools

awesome-bugbounty-builder

awesome-bugbounty-builder

Awesome Bug bounty builder Project

Stable
awesome-oneliner-bugbounty

awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

Stable
burp_bug_finder

burp_bug_finder

Automatic Bug finder with buprsuite

Stable
View more Bug-bounty tools