Analysis Modules
15 feature-gated Cargo modules organized into three security domains. Each module can be enabled independently via Cargo features.
Pillar 1 — Intelligence Gathering
Domain Info
WHOIS lookup, SSL certificate analysis, DNS records, port scanning, and composite security score.
DNS Records
A, AAAA, MX, NS, SOA, TXT, CNAME, SRV resolution via system dig commands.
Technology Detection
10 servers, 8 backend, 7 frontend frameworks, 12 JS libs, 11 CMS, 9 e-commerce, 8 WAF detection.
SEO Analysis
13 analysis categories including meta tags, schemas, Open Graph, Twitter Cards, and analytics tracking.
Performance Metrics
Server response metrics, redirect analysis, HTTP/2 support verification, HSTS detection.
Pillar 2 — Reconnaissance
Subdomain Discovery
Subfinder integration with deduplication, multi-part TLD support, and async enumeration.
Contact Spy
BFS-based email, phone, and social profile crawling across 15 platforms with validation.
Content Scanner
24 secret patterns, 13 JS vulnerability checks, SSRF detection, path traversal probing, and sensitive file enumeration.
Pillar 3 — Security Assessment
Security Analysis
WAF detection (7 providers), SSL grading A+ to F, CORS misconfiguration, cookie security audit.
Subdomain Takeover
36-service vulnerability database with CNAME/A/NS checks, 5 detection cases, exploitation difficulty ratings.
API Scanner
9 test suites: SQL injection, XSS, SSRF, path traversal, CORS, auth bypass, rate limiting, header analysis.
Nmap Zero-Day
Nmap integration, NVD CVE lookup, Exploit-DB correlation, CVSS severity mapping, comprehensive reporting.