Skip to content

733NW0LF/FOFA-Favicon-Hunter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 
ss.png
ss.png
 
 

Repository files navigation

FOFA Favicon Hunter 🔍

Python FOFA Status License

Automated reconnaissance tool that leverages FOFA and favicon hash (mmh3) fingerprinting to discover exposed assets across bug bounty targets.

🎯 Features

  • FOFA API integration
  • Favicon hash matching (icon_hash)
  • Bug bounty domain automation
  • Subdomain targeting (vpn, remote, secure)
  • Multithreaded scanning
  • JSON output

📸 Screenshot

⚙️ Installation

git clone https://github.com/733nw0lf/fofa-favicon-hunter.git
cd fofa-favicon-hunter
pip install -r requirements.txt

🔑 Configuration

Edit config.py:

FOFA_EMAIL = "your_email"
FOFA_KEY = "your_key"
TARGET_HASH = "-800551065"
MAX_DOMAINS = 500

▶️ Usage

python3 main.py

📊 Output

Saved as:

fofa## 🧠 How It Works

1. Loads bug bounty domains from public datasets  
2. Queries FOFA using favicon hash (`icon_hash`)  
3. Applies domain and subdomain filters  
4. Collects matching assets  
5. Outputs structured JSON results  _results.json

🧠 How It Works

  1. Loads bug bounty domains from public datasets
  2. Queries FOFA using favicon hash (icon_hash)
  3. Applies domain and subdomain filters
  4. Collects matching assets
  5. Outputs structured JSON results

About

Automated FOFA-based favicon hash hunter for bug bounty reconnaissance and exposed asset discovery (Fortinet EMS, VPN panels, misconfigured services)

Topics

automation bug recon nuclei bugbounty fofa bugbounty-tool fofa-cli fofa-api fofa-info

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages