Skip to content

Hadiasemi/favfreak

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
.github/workflows
.github/workflows
 
 
README.md
README.md
 
 
default_fingerprint.json
default_fingerprint.json
 
 
favfreak.go
favfreak.go
 
 
favfreak.png
favfreak.png
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

Favicon Hash Detection Tool for Bug Bounty Hunters

image

Introduction

FavFreak is a tool designed to help bug bounty hunters identify websites using the same favicon across different domains. By generating unique hashes from favicons, you can uncover hidden infrastructure, find shadow IT assets, and increase your chances of discovering vulnerable services.

This tool supports search engines like Shodan, ZoomEye, and Censys to help you quickly and efficiently discover similar systems across the internet.

The original concept and Python implementation were created by Devansh Batham, which inspired the development of this improved version in Go. In this version, we’ve enhanced performance and added additional features like integrated search dork generation for multiple platforms, making it a more efficient tool for bug bounty hunters and cybersecurity researchers.

Features

  • Generate Favicon Hashes using MMH3 and MD5 algorithms.
  • Search Across Platforms like Shodan, ZoomEye, and Censys using generated hashes.
  • Detect Shared Infrastructure based on the same favicon hash across multiple domains.
  • Identify Shadow IT Assets by detecting systems not directly linked from public sites.
  • Fingerprint-Based Detection of technologies or services using favicon hashes.

Installation

1. Install Go

favfreak is written in Go, so you'll need to install it first. Here’s how to install Go on your system:

Linux / WSL:

sudo apt update
sudo apt install golang-go

macOS:

brew install go

Windows:

Download the installer from the official Go website.

Verify the Go installation:

go version

Installition of favfreak

go install github.com/Hadiasemi/favfreak@latest

Usage

1. Basic Favicon Hash Generation

To generate the favicon hash for a target website, run the following command:

cat file.txt | favfreak

The tool will attempt to fetch the favicon from the target, calculate its MMH3 and MD5 hashes, and display the results.

2. Search Dorks for Shodan, ZoomEye, and Censys

favfreak can generate search dorks that you can directly use on Shodan, ZoomEye, and Censys to find other systems using the same favicon hash.

To generate dorks, run the following:

Shodan:

cat file.txt | favfreak -shodan

ZoomEye:

cat file.txt | favfreak -zoomeye

Censys:

cat file.txt | favfreak  -censys

Generate Dorks for All Platforms:

cat file.txt | favfreak  -all

3. Using Fingerprint-Based Detection

One of the core features of favfreak is the ability to match favicon hashes to known services or technologies using a fingerprint dictionary.

Example JSON Fingerprint File (fingerprints.json):

{
    "99395752": "slack-instance",
    "878647854": "atlasian"
}

You can run favfreak with a fingerprint file to detect known services:

favfreak -fingerprint fingerprints.json

This will show results like:

================= [FingerPrint Based Detection Results] =================
[slack-instance] - count: 1
[atlasian] - count: 2

You can also pass the fingerprint as a JSON string directly in the terminal:

favfreak -fingerprint '{"99395752": "slack-instance", "878647854": "atlasian"}'

How Bug Bounty Hunters Can Benefit from favfreak

1. Discover Shared Infrastructure

Many companies use the same favicon across multiple domains. By identifying domains with the same favicon hash, you can map out a company's infrastructure, uncover hidden assets, and find more entry points for vulnerabilities.

2. Identify Shadow IT Assets

By using Shodan, ZoomEye, or Censys, you can identify services that may not be directly linked to the public-facing website. These shadow IT assets are often forgotten and more vulnerable.

3. Infer Technology Stack

Some favicons are tied to specific services or technologies. Using the fingerprint dictionary feature in favfreak, you can quickly identify services like Slack, Atlassian, or F5 Big-IP based on their favicon hashes.

Example Workflow for Bug Bounty Hunters

  1. Identify Favicon Hash: Start by generating a favicon hash for the target website using favfreak:

     cat file.txt | favfreak

  2. Search Across Platforms: Use the generated dorks to search Shodan, ZoomEye, and Censys for other domains or IP addresses that use the same favicon:

     cat file.txt | favfreak -all

  3. Map Out Infrastructure: If you find other domains or IPs using the same favicon, investigate these targets as part of your bug bounty assessment. These services might be part of the company's infrastructure but are often overlooked or misconfigured.

  4. Leverage Fingerprint-Based Detection: If you have known hashes for specific technologies or services, you can use the fingerprint-based detection feature to quickly identify them:

    cat file.txt | favfreak -fingerprint fingerprints.json

Contribution

If you’d like to contribute to favfreak, feel free to submit a pull request or create an issue in the repository.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v0.1.3 Latest
Sep 11, 2024

Packages

No packages published

Languages