FavFreak - Weaponizing favicon.ico for OSINT

by LoroPiana - 10 January, 2022 - 07:27 PM

This post is by a banned member (LoroPiana) - Unhide

LoroPiana

946
Posts

187
Threads

6 Years of service

OP 10 January, 2022 - 07:27 PM (This post was last modified: 10 January, 2022 - 07:27 PM by LoroPiana. Edited 1 time in total.)

You can use this tool when it comes to recon, using Favicon hashes. It takes a list of urls (with https or http protocol) from stdin ,then it fetches favicon.ico and calculates its hash value. It sorts the domains/subdomains/IPs according to their favicon hashes and the most interesting part is , It matches calculated favicon hashes with the favicon hashes present in the fingerprint dictionary , If matched then it will show you the results in the output, there is option to generate shodan dorks as well (that is pretty basic and you can do it manually as well)

“The lesser known art of Recon using Favicon hashes”

Hidden Content

You must register or login to view this content.

useful resource imo Smart

1 Reply

This post is by a banned member (bijorashv3bi) - Unhide

This post is by a banned member (nifsat) - Unhide

This post is by a banned member (Chris7777) - Unhide

Chris7777

13
Posts

0
Threads

2 Years of service

02 October, 2022 - 10:39 PM

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account Sign up for a new account in our community. It's easy! Register a new account	or	Sign in Already have an account? Sign in here. Sign in now

Forum Jump:

Users browsing this thread: 1 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me

FavFreak - Weaponizing favicon.ico for OSINT

About Cracked.io

Navigation

Extras

Help

Account