xrecon is a powerful web fingerprinting tool with CDN detection capabilities. It assists security researchers and penetration testers in quickly identifying the technology stack of target websites and determining if they use a CDN.

• Support for single URL and bulk URL file inputs
• Web fingerprinting using the fingers library
• Integrated CDN detection with cdncheck
• Multiple output formats: terminal, CSV, and TXT
• Automatic URL completion (if http:// or https:// is not provided)

Ensure you have Go 1.18 or higher installed, then run:

go get -u github.com/zer0yu/xrecon

Scan a single URL:

xrecon -url https://example.com

Scan a list of URLs from a file:

xrecon -file urls.txt

By default, results are displayed in the terminal. Use the -output and -o options to specify the output format and file:

xrecon -url https://example.com -output csv -o results
xrecon -file urls.txt -output txt -o results

URL: https://example.com
Fingerprint: apache http server:wappalyzer||easy-software-ranzhi-oa:goby
CDN Info: CDN: true, Provider: Cloudflare, Type: cdn

URL: https://google.com
Fingerprint: Google Web Server:wappalyzer
CDN Info: CDN: false, Provider: , Type: 

• active mod
• passive mod
• update workflow

Contributions are welcome! Feel free to submit bug reports, feature requests, or pull requests.

This project is licensed under the MIT License. See the LICENSE file for details.

This tool is for educational and research purposes only. Unauthorized testing with this tool may violate laws. Users are responsible for all consequences of using this tool.

• fingers - Web fingerprinting library
• cdncheck - CDN detection library [support china cdn list]

If you have any questions or suggestions, please open an issue on GitHub.

Happy scanning!