A powerful domain probing tool that gathers extensive information and site structure details. This script performs comprehensive checks and analyses to provide in-depth insights about any given domain's infrastructure, security posture, and technology stack.
- 🌐 WHOIS information retrieval
- 🏷️ DNS record analysis
- 🔍 Subdomain discovery
- 🖥️ IP and reverse DNS lookup
- 🛡️ Web Application Firewall (WAF) detection
- 🔐 SSL certificate information
- 🕸️ Website technology stack detection
- 🔎 Sensitive file and directory checks
- 📡 API endpoint discovery
- 🛡️ Security header analysis
- 🍪 Cookie security assessment
- 🔒 DNSSEC, SPF, and DMARC record checks
- 🌐 Integration with Shodan for additional network insights
- Python
- pip (Python package manager)
- Clone this repository:
git clone https://github.com/RocketGod-git/domain-probe.git
cd domain-probe
Run the script from the command line:
python domain-probe.py
The script will prompt you for the domain name to analyze. Alternatively, you can provide the domain name as a command-line argument:
python domain-probe.py example.com
The tool will guide you through the process, including prompting for a Shodan API key if needed.
The script provides a detailed report of its findings, organized into the following categories:
- Subdomains
- DNS Records
- SSL Certificate Information
- Interesting URLs
- Security Headers
- Sensitive Headers
- Cookies
- Framework Detection
- Other relevant information
Contributions, issues, and feature requests are welcome!
This project is licensed under the GPL-3.0 license - see the LICENSE file for details.
This tool is for educational and research purposes only. Always ensure you have explicit permission before performing scans or information gathering on any domain or network that you do not own.
- Shodan for providing additional network insights
- All the open-source libraries used in this project