edoardottt/csprecon

Stars
359
Rank 118,537 (Top 3 %)
Language
Go
License
MIT License
Created about 2 years ago
Updated 3 months ago

edoardottt/csprecon

edoardottt

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Discover new target domains using Content Security Policy

csprecon

Discover new target domains using Content Security Policy

Coded with 💙 by edoardottt

Share on Twitter!

Install • Get Started • Examples • Changelog • Contributing • License

Install 📡

Using Snap

sudo snap install csprecon

Using Go

go install github.com/edoardottt/csprecon/cmd/csprecon@latest

Get Started 🎉

Usage:
  csprecon [flags]

Flags:
INPUT:
   -u, -url string   Input domain
   -l, -list string  File containing input domains
   -cidr             Interpret input as CIDR

CONFIGURATIONS:
   -d, -domain string[]  Filter results belonging to these domains (comma separated)
   -c, -concurrency int  Concurrency level (default 50)
   -t, -timeout int      Connection timeout in seconds (default 10)

OUTPUT:
   -o, -output string  File to write output results
   -v, -verbose        Verbose output
   -s, -silent         Silent output. Print only results

Examples 💡

Grab all possible results from single domain

csprecon -u https://www.github.com

echo https://www.github.com | csprecon

Grab all possible results from a list of domains (protocols needed!)

csprecon -l targets.txt

cat targets.txt | csprecon

Grab all possible results belonging to specific target(s) from a list of domains (protocols needed!)

cat targets.txt | csprecon -d google.com

Grab all possible results from single CIDR

csprecon -u 192.168.1.0/24 -cidr

Changelog 📌

Detailed changes for each release are documented in the release notes.

Contributing 🛠

Just open an issue / pull request.

Before opening a pull request, download golangci-lint and run

golangci-lint run

If there aren't errors, go ahead :)

In the news 📰

Hive Five Newsletter by Securibee

License 📝

This repository is under MIT License.
edoardoottavianelli.it to contact me.

awesome-hacker-search-engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

cariddi

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

scilla

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

lit-bb-hack-tools

Little Bug Bounty & Hacking Tools⚔️

missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

tryhackme-ctf

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

favirecon

Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.

eJPT-notes

Notes I took while preparing for eJPT certification by INE Security (passed 19/20, fka eLearn Security)

secfiles

My useful files for penetration tests, security assessments, bug bounty and other security related stuff

spark-ar-creators

List of 9500 (and counting) Spark AR Creators. Open an issue or contact me if you want to be added.❤️

pphack

The Most Advanced Client-Side Prototype Pollution Scanner

black-hat-python3-code

🏴‍☠️ tools (py3 version) of Black Hat Python book 🏴‍☠️

longtongue

Customized Password/Passphrase List inputting Target Info

pwdsafety

🔒command line tool checking password safety🔒

twitterbot2

Like and retweet your tweets, or search tweets by topic. It stores and serves data with a Flask webapp. 🐦 Live demo running on twitter.com/ai_testing

companies-hiring-security-remote

List of companies that hire security people full remote.

HackerRank-LinuxShell

HackerRank-LinuxShell Solutions 💻

MSc-CyberSecurity-Sapienza

Master of Science in Cybersecurity, Sapienza University of Rome.

depsdev

CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.

twitterBot

[NOT WORKING] 🤖 CLI Twitter Bot. It's made to reach more engagement based on your interests. See https://github.com/edoardottt/twitterbot2

malicious-rMQR-Codes

Collection of (4000+) malicious rMQR Codes for Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more

CompTIA-Security-notes

CompTIA Security+ SY0-601 notes (passed 788 points)

boggart

Highly customizable low-interaction experimental honeypot that mimics specific hosts.

defangjs

URL / IP / Email defanging with Javascript. Make IoC harmless.

amazon_tracker

A simple amazon tracker that sends you an email when prices of your followed products fall down!

py-problems-solutions

Implementations of various problems using Python. Dynamic Programming, BackTracking & Sorting algorithms 💻

golazy

Golang module exporting general purpose functions I get tired of rewriting every time

programming-fundamentals

Useful material for learning Python, start coding and learn how to logically solve real world problems.

asm-snippets

Some of my assembly code (examples, iterative and recursive algorithms) from Computer's Architecture course in Sapienza University, CS Bachelor's Degree 💾

news-list

List of Tech/Geo/Economics/Politics sources of news. 🌍

gochanges

**[ARCHIVED]** website changes tracker 🔍

nuclei-cve-gpt

[experiment] Generate Nuclei templates for CVEs using chatGPT

offensive-onos

My experiments in weaponizing ONOS applications (https://github.com/opennetworkinglab/onos)

Scripts

multi-pdf-finder

Are you looking for a word in many pdf files? Do it one time. ⚡

edovshitler

SAVE THE EARTH! 👾 🎮

defango

URL / IP / Email defanging with Golang. Make IoC harmless.

fileDecrypter

Simple C file decrypter 🔒

HackerRank-Python

HackerRank-Python 🐍

bashify

Powershell profile to bashify your Windows prompt

TweetPro

University Java project. It's a lightweight tool specialized in tweets analysis. 📈

powershell365

[PAUSED] 365 (one per day) tips to learn Powershell

gonesis

Generate Golang project template ready to be pushed on GitHub using a single command

COVID-19

Info/Data (global/italy) about COVID-19. PR welcome for other countries.

PostgresSQL-DB

Easy implementation of some postgreSQL Databases for practicing with Conceptual analysis of requirements, design of relational databases and SQL queries

READMENATOR

Final README.md sample for all kind of projects [ readme, boilerplate, badges, template, github, material, design, opensource, badge, ui, beauty ]

cpu-usage

Simple cpu usage scripts with some programming languages

RFDos-Scanner

Response Filter Denial of Service (RFDoS) Experimental Scanner

omegle-geolocalization

Localize strangers on Omegle. See Country, State, City, District, Latitude and Longitude.

bugcrowd-go

Golang Bugcrowd API client

go-readingtime

Estimate how long it takes to read a text

images

🖼️Images for edoardottt's repositories🖼️

dalle

Simple Golang Client to interact with Dall-E API

GDPR

General Data Protection Regulation

computerphile-pong

Pong game with a little bit of Data Science. Computerphile.

edoardottt

Hey! I'm edoardottt! 🏴‍☠️👹

Eproject

My first Django application

master-degree-thesis

Proposal and Investigation of a framework for Cross App Poisoning attacks detection in Software Defined Networks - Master of Science in Cybersecurity Thesis, Sapienza University

edoardoottavianelli.it

My personal website (https://www.edoardoottavianelli.it/)

bachelor-degree-thesis

Design e Sviluppo del sistema di End User Development in SeismoCloud - Laurea Triennale in Informatica Università Sapienza di Roma

hello-world

SeekUp

Progetto Ingegneria del Software - Informatica, Università Sapienza