Silent Recon

Passive and extensible web security scanner. Detects CORS flaws, missing headers, exposed APIs.

Silent Recon is a browser-native security reconnaissance extension for authorized web application testing. It passively observes pages, requests, response headers, scripts, and API activity while you browse, then turns those signals into local findings and dashboard views. I built it for bug bounty hunters, red teamers, security engineers, and developers who want a faster way to spot web security misconfigurations and attack-surface clues during normal testing. The latest features of version 1.0 are: - Detects CORS misconfigurations, including wildcard CORS with credentials - Flags missing HTTP security headers such as CSP, HSTS, X-Frame-Options, Referrer-Policy, and related hardening headers - Identifies API endpoints, GraphQL activity, JavaScript assets, and exposed API documentation paths - Highlights auth/session indicators, sensitive JSON patterns, token-like values, privileged routes, and input-risk candidates - Builds endpoint maps, script intelligence, auth profiles, workflow chains, saved targets, and browsing sessions - Includes approved-target mode, target lock, first-party filtering, noise suppression, and clear/export controls - Provides a free local preview with optional Pro features for deeper triage, retention, workflow views, and export Silent Recon is passive: it does not attack, fuzz, exploit, brute force, or modify traffic. It is intended only for systems and applications where you have permission to perform security testing. Scan findings and browsing-derived reconnaissance data are processed and stored locally in the browser extension. Silent Recon does not sell user data or use it for advertising. License activation and validation, if used, are handled through silent-recon.com.