Security Audit & Vulnerability Tools

Check IP reputation

Check the reputation of an IP address across multiple threat intelligence databases. Detect malicious IPs, spam sources, and known attack origins.

Check domain reputation

Evaluate a domain's reputation across DNS blacklists, mail infrastructure, and security configurations. Identify domains used for phishing, spam, or malware distribution.

Audit open ports

Scan common ports on a target host to identify open services. Detect unnecessary exposed ports that could be security risks.

Enumerate subdomains

Discover subdomains using Certificate Transparency logs. Find hidden subdomains, staging environments, and forgotten infrastructure.

Detect subdomain takeover

Detect subdomain takeover vulnerabilities by checking for dangling DNS records pointing to unclaimed cloud services.

Detect DNS rebinding

Test domains for DNS rebinding vulnerabilities where DNS responses alternate between public and private IPs to bypass same-origin policies.

Scan GraphQL endpoints

Scan GraphQL endpoints for security misconfigurations including introspection exposure, query depth limits, and schema information leakage.

Detect HTTP request smuggling

Detect HTTP request smuggling vulnerabilities caused by differences in how front-end and back-end servers parse HTTP requests.

Check cloud storage exposure

Check S3 buckets, GCS buckets, and Azure Blob containers for public access misconfigurations. Detect exposed cloud storage resources.

Search CVE database

Search the CVE (Common Vulnerabilities and Exposures) database for known security vulnerabilities. Find CVEs by keyword, product, or vendor.

Search default passwords

Look up default credentials for network devices, routers, switches, and IoT devices. Essential for security auditing and initial device setup verification.

Generate secure passwords

Generate cryptographically secure random passwords with configurable length, character sets, and complexity requirements.

Evaluate password strength

Evaluate password strength using entropy analysis and pattern detection. Get recommendations for improving password security.

Generate MD5/SHA hashes

Generate cryptographic hashes using MD5, SHA-1, SHA-256, SHA-384, and SHA-512 algorithms. Compare file integrity and verify checksums.

Generate HMAC authentication codes

Generate Hash-based Message Authentication Codes (HMAC) for API authentication, webhook verification, and message integrity checking.

Decode and inspect JWT tokens

Decode JSON Web Tokens to inspect header, payload, and signature. View claims, expiration times, and token structure without external tools.

Test CORS policy configuration

Test Cross-Origin Resource Sharing (CORS) policy configuration. Verify allowed origins, methods, headers, and credentials settings.

Validate SSL certificate chain

Validate the complete SSL certificate chain from leaf to root. Detect missing intermediate certificates and chain ordering issues.

Trace HTTP redirect chain

Trace the complete HTTP redirect chain for any URL. Identify redirect loops, unnecessary redirects, and HTTP-to-HTTPS upgrade paths.

Detect web application firewalls

Detect the presence and type of Web Application Firewalls (WAF) protecting a website. Identify vendors like Cloudflare, AWS WAF, Akamai, and others.

Detect website tech stack

Detect the technology stack used by a website including web server, CMS, JavaScript frameworks, analytics tools, and CDN providers.

Discover API endpoints

Discover API endpoints by checking common paths like /api, /graphql, /swagger, and well-known configuration files. Map the API attack surface.

Test DNS AXFR zone transfer

Test if DNS servers allow unauthorized zone transfers (AXFR). Zone transfer misconfigurations can expose the complete list of DNS records for a domain.

Detect DNS takeover risks

Detect DNS takeover vulnerabilities by checking for orphaned DNS records pointing to decommissioned services or expired cloud resources.