Awesome Open Source
Awesome Open Source


Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs. I use this for reconnaissance purposes while bug bounty hunting.

Buy Me A Coffee


$ cat hosts.txt
$ cat hosts.txt | csp

Set concurrency level using the -c flag.

$ csp -h
Usage of csp:
  -c int
    	set the concurrency level (default 20)
$ cat hosts.txt | csp -c 2


$ go get -u

You can also download a binary and put it in your $PATH (e.g. in /usr/bin/).


I welcome contributions from the public.

Using the issue tracker 💡

The issue tracker is the preferred channel for bug reports and features requests.

Issues and labels 🏷

The bug tracker utilizes several labels to help organize and identify issues.

Guidelines for bug reports 🐛

Use the GitHub issue search — check if the issue has already been reported.


Thank you to @TomNomNom, @jimen0, and @003random for their help.

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
go (14,975
security (1,880
bugbounty (178
csp (32