Information Gathering

FAVICORN : A Comprehensive Tool For Favicon-Based Website Searches

Favicorn is an innovative tool designed to search websites by their favicons, offering a unique approach to online exploration and cybersecurity research.

By leveraging favicon data, Favicorn provides search result links across multiple platforms, making it a powerful resource for OSINT (Open Source Intelligence) investigations.

How Favicorn Works

Favicorn operates by taking a favicon (a small icon associated with a website) and generating search results across 10 platforms. Users can interact with Favicorn in three primary ways:

  1. Direct Favicon URL Search: Use the --uri or -u option to input a specific favicon URL.
   ./favicorn.py -u https://emojipedia.org/images/favicon-32x32.png
  1. File-Based Search: Upload a favicon file using the --file or -f option.
   ./favicorn.py -f test-favicon.png
  1. Domain-Based Search: Enter a domain name, and Favicorn will resolve its IPs and identify potential favicons using the --domain or -d option.
   ./favicorn.py -d google.com

Favicorn includes several advanced options to enhance functionality:

  • Verbose Mode: Displays favicon hashes during searches (--verbose).
  • Extended Search: Retrieves additional favicon versions via search engines (--add-from-search-engines).
  • Save Results: Exports links to a file (--save-links-filename).
  • TinyURL Integration: Converts full platform links into TinyURLs (--tinyurl).
  • Customizable Output: Disable result previews (--no-fetch) or animations (--no-logo).

Favicorn supports various platforms, including:

  • ZoomEye (login required)
  • Shodan (API key required)
  • Fofa, VirusTotal, BinaryEdge, Netlas, and more.

Favicorn is particularly useful for:

  • Identifying phishing domains for brand protection.
  • Expanding the scope of penetration testing.
  • Detecting command-and-control (C2) servers used by hackers.
  • Conducting broader research in cybersecurity and OSINT.

Favicorn is an open-source project supported by an active OSINT community. Contributions, bug fixes, and feature suggestions are encouraged.

By dropping a star on the GitHub repository, users can help prioritize new features like automated scraping.

Favicorn is not just another tool—it’s a gateway to deeper web insights through the lens of favicons.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityFAVICORNinformationsecuritykalilinuxkalilinuxtools
6 months ago

Recent Posts

50+ Essential Linux Commands for Beginners and Experts: A Complete Guide

Introduction Unlock the full potential of your Linux system with this comprehensive guide to essential…

2 weeks ago

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

4 months ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

4 months ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

4 months ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

4 months ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

4 months ago