01HNNWZ0MV43FF 3 days ago

Weird. It's exactly what it says, but I don't see how it's useful. I guess a lot of people reuse assets between sock puppet sites?

  • jamesmotherway 3 days ago

    I've used favicons (along with analytics IDs) to identify related malicious sites. You can also apply this to detect brand abuse and phishing pages.

PranaFlux 7 days ago

This free online tool helps you analyze website favicons and generate various hash formats used by popular search engines and security tools. Enter a domain or URL below to analyze its favicon.

Seems nice. I've tried a couple examples and compared them to other websites like it, it works better. I don't have a Shodan account so I can't check it works well with it.

What do you guys think?

  • batch12 3 days ago

    I used to use this method, among others, to fingerprint Tor nodes. I used murmurhash3 so it was compatible with shodan, too.

    • batch12 3 days ago

      To the comment - you're showing [dead]

      > i'm curious, fingerprint in what way/purpose? all the relays are publicly listed by the Tor Project, so i'm guessing you mean something other than "x computer is a tor node"

      I understand the confusion. I was typing fast. I meant Tor hidden services. I ran a service called torwhois that collected data and shared it.

      • 01HNNWZ0MV43FF 2 days ago

        I thought Tor hidden services couldn't be enumerated?

        • batch12 2 days ago

          I was able to enumerate them in a few ways: Public repositories, DNS leaks, and people searching the service for onions.

donatj 3 days ago

I wish it didn't select the Apple Touch Icon when there was also a favicon