Crate web_analyzer

Expand description

§Web Analyzer

Enterprise domain security & intelligence platform — a high-performance Rust toolkit for comprehensive web reconnaissance, security assessment, and technology fingerprinting.

§Module Architecture

The crate is organized into three security pillars, each gated by individual Cargo feature flags:

§🔎 Intelligence Gathering

domain_info — WHOIS, SSL certificates, DNS, port scanning, security score
domain_dns — A, AAAA, MX, NS, SOA, TXT, CNAME record resolution
seo_analysis — 13-category SEO audit with composite scoring
web_technologies — Technology fingerprinting across 16 categories
domain_validator — Bulk domain validation with parallel processing

§🕵️ Reconnaissance

subdomain_discovery — Subfinder integration with deduplication
contact_spy — BFS crawl for email, phone, and social media extraction
advanced_content_scanner — Secret pattern detection & JS vulnerability analysis

§🛡️ Security Assessment

security_analysis — WAF detection, SSL grading, CORS, cookies, composite score
subdomain_takeover — 36-service vulnerability database with exploitation ratings
cloudflare_bypass — Origin IP discovery via history lookup
nmap_zero_day — Nmap integration with NVD CVE and Exploit-DB lookup
api_security_scanner — 9 test suites: SQLi, XSS, SSRF, path traversal, and more
geo_analysis — AI/LLM readiness analysis and crawler directives

§Quick Start

[dependencies]
web-analyzer = "0.1"
tokio = { version = "1", features = ["full"] }

use web_analyzer::domain_info::get_domain_info;

#[tokio::main]
async fn main() {
    let info = get_domain_info("example.com", None).await.unwrap();
    println!("IP: {:?}", info.ipv4);
}

§Feature Flags

By default, all modules are enabled. Disable default features and select only what you need to reduce compile times:

[dependencies]
web-analyzer = { version = "0.1", default-features = false, features = ["domain-info", "security-analysis"] }

Modules§

advanced_content_scanneradvanced-content-scanner
api_security_scannerapi-security-scanner
cloudflare_bypasscloudflare-bypass
contact_spycontact-spy
domain_dnsdomain-dns
domain_dns_mobiledomain-dns-mobile
domain_infodomain-info
domain_info_mobiledomain-info-mobile
domain_validatordomain-validator
domain_validator_mobiledomain-validator-mobile
error: Error types for the web-analyzer crate. Error types for the web-analyzer crate.
geo_analysisgeo-analysis
nmap_zero_daynmap-zero-day
payloads: Compile-time embedded payloads from the payloads/ directory. Compile-time embedded payload data from the payloads/ directory.
reactreact2shell: React2Shell — CVE-2025-55182 Scanner, Attacker & Report Generator
react_honeypotreact-honeypot: React2Shell Honeypot — Attack Vector Detection & Attacker Intelligence
security_analysissecurity-analysis
security_analysis_mobilesecurity-analysis-mobile
seo_analysisseo-analysis
subdomain_discoverysubdomain-discovery
subdomain_takeoversubdomain-takeover
subdomain_takeover_mobilesubdomain-takeover-mobile
web_technologiesweb-technologies

Structs§

ScanProgress: Standardized progress event for async tasks.

Crate web_analyzer

Crate web_analyzer Copy item path

§Web Analyzer

§Module Architecture

§🔎 Intelligence Gathering

§🕵️ Reconnaissance

§🛡️ Security Assessment

§Quick Start

§Feature Flags

Modules§

Structs§

Crate web_analyzer