favirecon
« Back to VersTracker
Description:
Uses favicon.ico to improve the target recon phase
Type: Formula  |  Latest Version: 1.0.2@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: reconnaissance security pentesting osint fingerprinting
Install: brew install favirecon
About:
Favirecon is a reconnaissance tool that leverages favicon.ico files to identify technologies and services behind web targets. By querying Shodan with the favicon's hash, it enhances the target discovery phase of security assessments. This provides security professionals with an additional vector for fingerprinting infrastructure without active scanning.
Key Features:
  • Extracts and hashes favicon.ico files from target websites
  • Queries Shodan API using favicon hashes for technology identification
  • Lightweight and fast reconnaissance tool
  • Integrates seamlessly into existing penetration testing workflows
  • Open-source and written in Go for cross-platform compatibility
Use Cases:
  • Passive reconnaissance during penetration testing engagements
  • OSINT gathering for external attack surface mapping
  • Red team operations for identifying technologies behind web services
  • Bug bounty hunting to discover hidden infrastructure
Alternatives:
  • whatweb – WhatWeb performs active scanning while Favirecon focuses on passive favicon-based reconnaissance
  • wappalyzer – Wappalyzer is a browser extension requiring user interaction, whereas Favirecon is a CLI tool for automated recon
License: MIT
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, sonoma, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Oct 10, 2025 1:06pm 0 VERSION_BUMP efd7a8b5
Oct 7, 2025 11:24am 0 VERSION_BUMP 7cdbfce4
Oct 7, 2025 11:04am 0 VERSION_BUMP ee243a24
Sep 13, 2025 6:21pm 0 VERSION_BUMP f1f457d8
Nov 11, 2024 9:36am 0 VERSION_BUMP 0a76390a
Sep 13, 2024 4:16am 0 VERSION_BUMP 6fcb4ec5