Information Gathering

FAVICORN : A Comprehensive Tool For Favicon-Based Website Searches

Favicorn is an innovative tool designed to search websites by their favicons, offering a unique approach to online exploration and cybersecurity research.

By leveraging favicon data, Favicorn provides search result links across multiple platforms, making it a powerful resource for OSINT (Open Source Intelligence) investigations.

How Favicorn Works

Favicorn operates by taking a favicon (a small icon associated with a website) and generating search results across 10 platforms. Users can interact with Favicorn in three primary ways:

  1. Direct Favicon URL Search: Use the --uri or -u option to input a specific favicon URL.
   ./favicorn.py -u https://emojipedia.org/images/favicon-32x32.png
  1. File-Based Search: Upload a favicon file using the --file or -f option.
   ./favicorn.py -f test-favicon.png
  1. Domain-Based Search: Enter a domain name, and Favicorn will resolve its IPs and identify potential favicons using the --domain or -d option.
   ./favicorn.py -d google.com

Favicorn includes several advanced options to enhance functionality:

  • Verbose Mode: Displays favicon hashes during searches (--verbose).
  • Extended Search: Retrieves additional favicon versions via search engines (--add-from-search-engines).
  • Save Results: Exports links to a file (--save-links-filename).
  • TinyURL Integration: Converts full platform links into TinyURLs (--tinyurl).
  • Customizable Output: Disable result previews (--no-fetch) or animations (--no-logo).

Favicorn supports various platforms, including:

  • ZoomEye (login required)
  • Shodan (API key required)
  • Fofa, VirusTotal, BinaryEdge, Netlas, and more.

Favicorn is particularly useful for:

  • Identifying phishing domains for brand protection.
  • Expanding the scope of penetration testing.
  • Detecting command-and-control (C2) servers used by hackers.
  • Conducting broader research in cybersecurity and OSINT.

Favicorn is an open-source project supported by an active OSINT community. Contributions, bug fixes, and feature suggestions are encouraged.

By dropping a star on the GitHub repository, users can help prioritize new features like automated scraping.

Favicorn is not just another tool—it’s a gateway to deeper web insights through the lens of favicons.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 hour ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

2 hours ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

2 hours ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

2 days ago

Bash Arrays Explained Simply: Beginner’s Guide with Examples

If you’re learning Bash scripting, one of the most useful features you’ll come across is…

3 days ago

Bash For Loop Examples Explained Simply for Beginners

If you are new to Bash scripting or Linux shell scripting, one of the most…

3 days ago