50+ modules for auditing, firewall management, VPN, SSL, DNS and network scanning. Runs entirely on your hardware. No cloud. No telemetry.
SSL/TLS, cookies, CORS, CSP, methods, technology stack, mail, clickjacking, open redirect, ports, path & admin probe. Weighted score, radar chart, PDF report.
Service identification from root page, sensitive file probing (.git, .env, backups, phpinfo). Default credentials from public DB (DefaultCreds-cheat-sheet).
Certificate Transparency logs, SAN crawler (recursive TLS certificate extraction), DNS brute force. Cert status, DNS resolve, dangling detection.
Parser, builder and exporter. 18 audit checks with findings and guided fixes. Rule conflict detection, simulator, diff.
Configuration generator and auditor. Multi-client, mesh topology, DDNS integration via BIND9 event hooks.
Multi-resolver queries, DNSSEC, AXFR, reverse lookup, PTR sweep on ASN CIDRs. BIND9 config generator with RPZ blocklists.
LAN and remote subnet scanning with topology map. SNMP audit, NetBIOS hostname discovery, multi-host scan with per-host audit.
Detects ARP Poisoning, DHCP Rogue, DNS Spoofing, SYN Flood, port scan activity, Stratum mining connections.
Protocol support, cipher suites, certificate chain, OCSP stapling, HSTS preload, CT logs, forward secrecy. Grade A–F.
SPF, automatic DKIM selector discovery, DMARC policy, RBL on 10 blacklists, STARTTLS, MX fingerprint.
Technology stack detection (7500+ signatures), WAF identification, CVE lookup from NVD, service fingerprinting with hardening findings.