CSP-Stalker is a Python-based CLI tool designed for reconnaissance by leveraging Content-Security-Policy (CSP) headers to extract apex domains. The tool further queries the MerkleMap API to enumerate subdomains and resolve their respective IP addresses. It is particularly useful for penetration testers, security researchers, and OSINT enthusiasts.
About MerkleMap : MerkleMap offers a comprehensive solution for subdomain enumeration, certificate transparency monitoring, and infrastructure discovery. Uncover hidden assets, investigate suspicious domains, and gain valuable insights with ease.
- Extracts apex domains from CSP headers of target websites.
- Enumerates all subdomains for each apex domain using MerkleMap's paginated API.
- Resolves IP addresses for the discovered subdomains.
- Supports both single URL and batch processing (file input for multiple URLs).
- Saves results in a structured JSON format for further analysis.
- Logs subdomain extraction progress across API pagination.
The tool requires Python 3.6+ and the following Python libraries:
requeststldextracttabulatebeautifulsoup4
Install these dependencies using the included requirements.txt file.
- Clone the repository:
git clone https://github.com/0xakashk/CSP-Stalker.git cd CSP-Stalker - Install dependencies:
pip install -r requirements.txt
- Run the tool:
python cli_CSP_Stalker.py -u https://example.com
-
To process a single URL:python cli_CSP_Stalker.py -u https://example.com
-
To process multiple URLs from a file:python cli_CSP_Stalker.py -f urls.txt
- View the output: Results are saved in the results directory as JSON files, with each domain's output saved as _results.json.