Skip to main content

web_analyzer/
lib.rs

1//! # Web Analyzer
2//!
3//! **Enterprise domain security & intelligence platform** — a high-performance
4//! Rust toolkit for comprehensive web reconnaissance, security assessment, and
5//! technology fingerprinting.
6//!
7//! ## Module Architecture
8//!
9//! The crate is organized into three security pillars, each gated by
10//! individual Cargo feature flags:
11//!
12//! ### 🔎 Intelligence Gathering
13//! - [`domain_info`] — WHOIS, SSL certificates, DNS, port scanning, security score
14//! - [`domain_dns`] — A, AAAA, MX, NS, SOA, TXT, CNAME record resolution
15//! - [`seo_analysis`] — 13-category SEO audit with composite scoring
16//! - [`web_technologies`] — Technology fingerprinting across 16 categories
17//! - [`domain_validator`] — Bulk domain validation with parallel processing
18//!
19//! ### 🕵️ Reconnaissance
20//! - [`subdomain_discovery`] — Subfinder integration with deduplication
21//! - [`contact_spy`] — BFS crawl for email, phone, and social media extraction
22//! - [`advanced_content_scanner`] — Secret pattern detection & JS vulnerability analysis
23//!
24//! ### 🛡️ Security Assessment
25//! - [`security_analysis`] — WAF detection, SSL grading, CORS, cookies, composite score
26//! - [`subdomain_takeover`] — 36-service vulnerability database with exploitation ratings
27//! - [`cloudflare_bypass`] — Origin IP discovery via history lookup
28//! - [`nmap_zero_day`] — Nmap integration with NVD CVE and Exploit-DB lookup
29//! - [`api_security_scanner`] — 9 test suites: SQLi, XSS, SSRF, path traversal, and more
30//! - [`geo_analysis`] — AI/LLM readiness analysis and crawler directives
31//!
32//! ## Quick Start
33//!
34//! ```toml
35//! [dependencies]
36//! web-analyzer = "0.1"
37//! tokio = { version = "1", features = ["full"] }
38//! ```
39//!
40//! ```rust,no_run
41//! use web_analyzer::domain_info::get_domain_info;
42//!
43//! #[tokio::main]
44//! async fn main() {
45//!     let info = get_domain_info("example.com", None).await.unwrap();
46//!     println!("IP: {:?}", info.ipv4);
47//! }
48//! ```
49//!
50//! ## Feature Flags
51//!
52//! By default, **all modules** are enabled. Disable default features and
53//! select only what you need to reduce compile times:
54//!
55//! ```toml
56//! [dependencies]
57//! web-analyzer = { version = "0.1", default-features = false, features = ["domain-info", "security-analysis"] }
58//! ```
59
60#![cfg_attr(docsrs, feature(doc_cfg))]
61
62/// Error types for the web-analyzer crate.
63pub mod error;
64
65use serde::{Deserialize, Serialize};
66#[cfg(not(target_os = "android"))]
67use std::sync::Once;
68
69/// Standardized progress event for async tasks.
70#[derive(Debug, Clone, Serialize, Deserialize)]
71pub struct ScanProgress {
72    pub module: String,
73    pub percentage: f32,
74    pub message: String,
75    pub status: String,
76}
77
78#[cfg(not(target_os = "android"))]
79static CRYPTO_PROVIDER_INIT: Once = Once::new();
80
81/// Return a reqwest client builder after installing the Rustls ring provider once.
82pub fn http_client_builder() -> reqwest::ClientBuilder {
83    #[cfg(not(target_os = "android"))]
84    {
85        CRYPTO_PROVIDER_INIT.call_once(|| {
86            let _ = rustls::crypto::ring::default_provider().install_default();
87        });
88    }
89
90    reqwest::Client::builder()
91}
92
93/// Compile-time embedded payloads from the `payloads/` directory.
94pub mod payloads;
95
96// ── Intelligence Gathering ──────────────────────────────────────────
97
98#[cfg(feature = "domain-info")]
99#[cfg_attr(docsrs, doc(cfg(feature = "domain-info")))]
100pub mod domain_info;
101
102#[cfg(feature = "domain-info-mobile")]
103#[cfg_attr(docsrs, doc(cfg(feature = "domain-info-mobile")))]
104pub mod domain_info_mobile;
105
106#[cfg(feature = "domain-dns")]
107#[cfg_attr(docsrs, doc(cfg(feature = "domain-dns")))]
108pub mod domain_dns;
109
110#[cfg(feature = "domain-dns-mobile")]
111#[cfg_attr(docsrs, doc(cfg(feature = "domain-dns-mobile")))]
112pub mod domain_dns_mobile;
113
114#[cfg(feature = "seo-analysis")]
115#[cfg_attr(docsrs, doc(cfg(feature = "seo-analysis")))]
116pub mod seo_analysis;
117
118#[cfg(feature = "web-technologies")]
119#[cfg_attr(docsrs, doc(cfg(feature = "web-technologies")))]
120pub mod web_technologies;
121
122#[cfg(feature = "domain-validator")]
123#[cfg_attr(docsrs, doc(cfg(feature = "domain-validator")))]
124pub mod domain_validator;
125
126#[cfg(feature = "domain-validator-mobile")]
127#[cfg_attr(docsrs, doc(cfg(feature = "domain-validator-mobile")))]
128pub mod domain_validator_mobile;
129
130// ── Reconnaissance ──────────────────────────────────────────────────
131
132#[cfg(all(
133    feature = "subdomain-discovery",
134    not(any(target_os = "android", target_os = "ios"))
135))]
136#[cfg_attr(docsrs, doc(cfg(feature = "subdomain-discovery")))]
137pub mod subdomain_discovery;
138
139#[cfg(all(
140    feature = "subdomain-discovery",
141    any(target_os = "android", target_os = "ios")
142))]
143#[cfg_attr(docsrs, doc(cfg(feature = "subdomain-discovery-mobile")))]
144pub mod subdomain_discovery_mobile;
145#[cfg(all(
146    feature = "subdomain-discovery",
147    any(target_os = "android", target_os = "ios")
148))]
149pub use subdomain_discovery_mobile as subdomain_discovery;
150
151#[cfg(feature = "contact-spy")]
152#[cfg_attr(docsrs, doc(cfg(feature = "contact-spy")))]
153pub mod contact_spy;
154
155#[cfg(feature = "advanced-content-scanner")]
156#[cfg_attr(docsrs, doc(cfg(feature = "advanced-content-scanner")))]
157pub mod advanced_content_scanner;
158
159// ── Security Assessment ─────────────────────────────────────────────
160
161#[cfg(feature = "security-analysis")]
162#[cfg_attr(docsrs, doc(cfg(feature = "security-analysis")))]
163pub mod security_analysis;
164
165#[cfg(feature = "security-analysis-mobile")]
166#[cfg_attr(docsrs, doc(cfg(feature = "security-analysis-mobile")))]
167pub mod security_analysis_mobile;
168
169#[cfg(feature = "subdomain-takeover")]
170#[cfg_attr(docsrs, doc(cfg(feature = "subdomain-takeover")))]
171pub mod subdomain_takeover;
172
173#[cfg(feature = "subdomain-takeover-mobile")]
174#[cfg_attr(docsrs, doc(cfg(feature = "subdomain-takeover-mobile")))]
175pub mod subdomain_takeover_mobile;
176
177#[cfg(feature = "cloudflare-bypass")]
178#[cfg_attr(docsrs, doc(cfg(feature = "cloudflare-bypass")))]
179pub mod cloudflare_bypass;
180
181#[cfg(all(
182    feature = "nmap-zero-day",
183    not(any(target_os = "android", target_os = "ios"))
184))]
185#[cfg_attr(docsrs, doc(cfg(feature = "nmap-zero-day")))]
186pub mod nmap_zero_day;
187
188#[cfg(all(
189    feature = "nmap-zero-day",
190    any(target_os = "android", target_os = "ios")
191))]
192#[cfg_attr(docsrs, doc(cfg(feature = "nmap-zero-day-mobile")))]
193pub mod nmap_zero_day_mobile;
194#[cfg(all(
195    feature = "nmap-zero-day",
196    any(target_os = "android", target_os = "ios")
197))]
198pub use nmap_zero_day_mobile as nmap_zero_day;
199
200#[cfg(feature = "api-security-scanner")]
201#[cfg_attr(docsrs, doc(cfg(feature = "api-security-scanner")))]
202pub mod api_security_scanner;
203
204#[cfg(feature = "geo-analysis")]
205#[cfg_attr(docsrs, doc(cfg(feature = "geo-analysis")))]
206pub mod geo_analysis;
207
208#[cfg(feature = "react2shell")]
209#[cfg_attr(docsrs, doc(cfg(feature = "react2shell")))]
210pub mod react;
211
212#[cfg(feature = "react-honeypot")]
213#[cfg_attr(docsrs, doc(cfg(feature = "react-honeypot")))]
214pub mod react_honeypot;