csp

Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs. I use this for reconnaissance purposes while bug bounty hunting.

Buy Me A Coffee

Usage

$ cat hosts.txt
http://example.com/
$ cat hosts.txt | csp
example.com
subdomain.example.com
...

Set concurrency level using the -c flag.

$ csp -h
Usage of csp:
  -c int
        set the concurrency level (default 20)
$ cat hosts.txt | csp -c 2
...

Installation

$ go get -u github.com/edoverflow/csp

You can also download a binary and put it in your $PATH (e.g. in /usr/bin/).

Contributing

I welcome contributions from the public.

Using the issue tracker 💡

The issue tracker is the preferred channel for bug reports and features requests.

Issues and labels 🏷

The bug tracker utilizes several labels to help organize and identify issues.

Guidelines for bug reports 🐛

Use the GitHub issue search — check if the issue has already been reported.

Credit

Thank you to @TomNomNom, @jimen0, and @003random for their help.

Csp

Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.

Csp Info

⭐ Stars 96
🔗 Source Code github.com
🕒 Last Update 7 months ago
🕒 Created 3 years ago
🐞 Open Issues 1
➗ Star-Issue Ratio 96
😎 Author EdOverflow