EdOverflow / Csp
Licence: mit
Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
Stars: ✭ 89
Programming Languages
go
31211 projects - #10 most used programming language
Projects that are alternatives of or similar to Csp
Zile
Extract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-31.46%)
Mutual labels: bugbounty
31 Days Of Api Security Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
Stars: ✭ 1,038 (+1066.29%)
Mutual labels: bugbounty
Differer
differer finds how URLs are parsed by different languages in order to help bug hunters break filters
Stars: ✭ 56 (-37.08%)
Mutual labels: bugbounty
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-30.34%)
Mutual labels: bugbounty
Burpbounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+1052.81%)
Mutual labels: bugbounty
So 5 5
SObjectizer: it's all about in-process message dispatching!
Stars: ✭ 87 (-2.25%)
Mutual labels: csp
Rfd Checker
RFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-37.08%)
Mutual labels: bugbounty
Gitgraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+1207.87%)
Mutual labels: bugbounty
Halive
A fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-47.19%)
Mutual labels: bugbounty
Jaeles
The Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1105.62%)
Mutual labels: bugbounty
Findsploit
Find exploits in local and online databases instantly
Stars: ✭ 1,160 (+1203.37%)
Mutual labels: bugbounty
Bug Bounty Responses
A collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-48.31%)
Mutual labels: bugbounty
Drishti
A fast HTTP Response status checker implemented in Python3
Stars: ✭ 46 (-48.31%)
Mutual labels: bugbounty
S3reverse
The format of various s3 buckets is convert in one format. for bugbounty and security testing.
Stars: ✭ 61 (-31.46%)
Mutual labels: bugbounty
Webhackersweapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+1253.93%)
Mutual labels: bugbounty
csp
Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs. I use this for reconnaissance purposes while bug bounty hunting.
Usage
$ cat hosts.txt
http://example.com/
$ cat hosts.txt | csp
example.com
subdomain.example.com
...
Set concurrency level using the -c
flag.
$ csp -h
Usage of csp:
-c int
set the concurrency level (default 20)
$ cat hosts.txt | csp -c 2
...
Installation
$ go get -u github.com/edoverflow/csp
You can also download a binary and put it in your $PATH
(e.g. in /usr/bin/
).
Contributing
I welcome contributions from the public.
Using the issue tracker 💡
The issue tracker is the preferred channel for bug reports and features requests.
Issues and labels 🏷
The bug tracker utilizes several labels to help organize and identify issues.
Guidelines for bug reports 🐛
Use the GitHub issue search — check if the issue has already been reported.
Credit
Thank you to @TomNomNom, @jimen0, and @003random for their help.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].