Csprecon

Discover new target domains using Content Security Policy

Generate Convert Improve

Install / Use

/learn @edoardottt/Csprecon

About this skill

Quality Score

0/100

README

<h1 align="center"> csprecon <br> </h1> <h4 align="center">Discover new target domains using Content Security Policy</h4> <h6 align="center"> Coded with 💙 by edoardottt </h6> <p align="center"> <a href="https://github.com/edoardottt/csprecon/actions"> <img src="https://github.com/edoardottt/csprecon/actions/workflows/go.yml/badge.svg" alt="go action"> </a> <a href="https://goreportcard.com/report/github.com/edoardottt/csprecon"> <img src="https://goreportcard.com/badge/github.com/edoardottt/csprecon" alt="go report card"> </a> <br>  <a href="https://twitter.com/intent/tweet?text=csprecon%20-%20Reconnaissance%20tool%20based%20on%20Content%20Security%20Policy%20https%3A%2F%2Fgithub.com%2Fedoardottt%2Fcsprecon%20%23golang%20%23github%20%23linux%20%23infosec%20%23bugbounty" target="_blank">Share on Twitter! </a> </p> <p align="center"> <a href="#install-">Install</a> • <a href="#get-started-">Get Started</a> • <a href="#examples-">Examples</a> • <a href="#changelog-">Changelog</a> • <a href="#contributing-">Contributing</a> • <a href="#license-">License</a> </p> <p align="center"> <img src="https://github.com/edoardottt/images/blob/main/csprecon/csprecon.gif"> </p>

Install 📡

Homebrew

brew install csprecon

Snap

sudo snap install csprecon

Go

go install github.com/edoardottt/csprecon/cmd/csprecon@latest

Get Started 🎉

Usage:
  csprecon [flags]

Flags:
INPUT:
   -u, -url string   Input domain
   -l, -list string  File containing input domains
   -cidr             Interpret input as CIDR

CONFIGURATIONS:
   -d, -domain string[]  Filter results belonging to these domains (comma separated)
   -c, -concurrency int  Concurrency level (default 50)
   -t, -timeout int      Connection timeout in seconds (default 10)
   -rl, -rate-limit int  Set a rate limit (per second)
   -px, -proxy string    Set a proxy server (URL)

OUTPUT:
   -o, -output string  File to write output results
   -v, -verbose        Verbose output
   -s, -silent         Silent output. Print only results
   -j, -json           JSON output

Examples 💡

Grab all possible results from single domain

csprecon -u https://www.github.com

echo https://www.github.com | csprecon

Grab all possible results from a list of domains (protocols needed!)

csprecon -l targets.txt

cat targets.txt | csprecon

Grab all possible results belonging to specific target(s) from a list of domains (protocols needed!)

cat targets.txt | csprecon -d google.com

Grab all possible results from single CIDR

csprecon -u 192.168.1.0/24 -cidr

Set a rate limit of 10 requests per second

cat targets.txt | csprecon -rl 10

JSON Output

cat targets.txt | csprecon -j

Use a Proxy

cat targets.txt | csprecon -px http://127.0.0.1:8080

Changelog 📌

Detailed changes for each release are documented in the release notes.

Contributing 🛠

Just open an issue / pull request.

Before opening a pull request, download golangci-lint and run

golangci-lint run

If there aren't errors, go ahead :)

In the news 📰

License 📝

This repository is under MIT License.
edoardottt.com to contact me.

Related Skills

healthcheck

349.9k

Host security hardening and risk-tolerance configuration for OpenClaw deployments

xurl

349.9k

A CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.

prose

349.9k

OpenProse VM skill pack. Activate on any `prose` command, .prose files, or OpenProse mentions; orchestrates multi-agent workflows.

qqbot-channel

349.9k

QQ 频道管理技能。查询频道列表、子频道、成员、发帖、公告、日程等操作。使用 qqbot_channel_api 工具代理 QQ 开放平台 HTTP 接口，自动处理 Token 鉴权。当用户需要查看频道、管理子频道、查询成员、发布帖子/公告/日程时使用。