favicorn: All-sources tool to search websites
FAVICORN
All-sources tool to search websites by favicons.
Favicorn takes a favicon and provides search result links across 10 platforms, and not only.
Supported platforms
| Name | Login required |
|---|---|
| ZoomEye | yes |
| Shodan | yes |
| Fofa | no |
| VirusTotal | yes |
| BinaryEdge | yes |
| Netlas | no |
| Censys | no |
| ODIN | no |
| CriminalIP | yes |
| HunterHow | yes |
Use cases
- Search for phishing domains & brand protection
- Extend your scope for pentesting
- Search for C2 (command and control) servers of hackers
- Research purposes, you have to think bigger
Download
git clone https://github.com/sharsil/favicorn.git
Use
There are 3 search modes:
- search by direct favicon URL;
- search by file;
- and search by domain (guessing possible favicons).
Search by a specific favicon URL (--uri, -u):
./favicorn.py -u https://emojipedia.org/images/favicon-32×32.png
Search by a favicon file (--file, -f):
./favicorn.py -f test-favicon.png
Search by a domain, resolving to IPs and checking their favicons (--domain, -d):
./favicorn.py -d google.com
Additional options
Show favicon hashes for a search (--verbose): ./favicorn.py -d google.com -v
Get additional favicon versions using search engines (--add-from-search-engines, -e): ./favicorn.py -d google.com -e
Save all links to the specific file (-s, --save-links-filename): ./favicorn.py -d google.com -s links.txt
Give tinyurl links instead of full links for platforms: --tinyurl
Show only links to platforms, don’t extract preview of results: --no-fetch
Disable unicorn animation (dangerous option, use with caution!): --no-logo
