Log in
Preview of ReconDrop

ReconDrop by Faizad Khan

A passive client-side recon tool for security professionals. Scans web pages for exposed API endpoints, secrets, DOM sinks, inline events, and framework fingerprints.

Experimental
5 (3 reviews)
Download Firefox and get the extension
Download file
About this extension
ReconDrop is a browser-based passive reconnaissance extension designed for penetration testers and security researchers.

Features:
- 🔍 Framework fingerprinting (48 frameworks detected)
- 🔑 Secret detection — AWS keys, JWTs, API tokens
- 🌐 URL & endpoint collection (4-layer deep scan)
- ⚠️ DOM sink detection — innerHTML, eval, document.write
- 🎯 Inline event handler mapping
- 📥 Export all findings as JSON

ReconDrop runs entirely in the page context — no data is sent externally. All results are displayed locally and can be exported for reporting.

Built for use during authorized penetration testing engagements only.
Rated 5 by 3 reviewers

Star rating saved

5
3
4
0
3
0
2
0
1
0
Permissions and data

Optional permissions:

  • Access your data for all websites

Data collection:

  • The developer says this extension doesn't require data collection.
Learn more
More information
Add-on Links
Version
3.0
Size
35.96 KB
Last updated
9 days ago (Apr 24, 2026)
Version History
Add to collection
Report this add-on