st3rven/fronthunter
FrontHunter is a specialized security testing utility designed to evaluate large domain lists for domain fronting viability. Domain fronting is a technique that routes connections through legitimate high-reputation domains to obscure the true destination, commonly used in red team engagements and adversary simulations. FrontHunter automates the process of identifying which CDN-hosted domains can serve as viable fronting candidates. The tool supports bulk domain testing from file inputs with multi-threaded execution for fast parallel processing, defaulting to 10 concurrent threads. Operators can customize HTTP parameters including headers, timeouts, ports, and SSL verification settings. Proxy support allows routing test requests through HTTP or HTTPS proxies. Response validation checks status codes and content against expected values to confirm fronting feasibility. Results can be exported in TXT, CSV, or JSON formats for integration into broader assessment workflows. FrontHunter is written in Python and requires only standard dependencies, making it easy to deploy in any testing environment.
git clone https://github.com/st3rven/fronthunter.git
Quick Start Example
# Single domain test
python fronthunter.py -c example.com --front-domain target.com
# Batch testing from file
python fronthunter.py -f domains.txt --front-domain target.com
# With proxy support
python fronthunter.py -c example.com --front-domain target.com \
--http-proxy http://proxy.example.com:8080
# Export results as JSON
python fronthunter.py -f domains.txt --front-domain target.com \
-o results.json --output-format json