
:mag_right: A node utility to scan a domain with various techniques.

Primary LanguageJavaScriptMIT LicenseMIT


A node utility to scan a domain with various techniques.


$ npm install domain-scanner


The usage is simple, just pass to the scanner the domain you want to scan and some options, than wait for the response:

const domainScanner = require('domain-scanner');

const options = {
  deep: false,
  sections: [],
  exclude: [],
  keys: {
    hunterio: '<api-key>',
    google: '<api-key>',
    virustotal: '<api-key>'

domainScanner('codekraft.it', options, (err, results) => {



An array with the names of the sections you want to scan, leave empty to scan all sections. Available sections are:

  • details: Will perform some system based evaluations against the domain.
  • emails: Will scan the domain looking for known emails with node-emailhunter
  • breaches: Will check the HaveIBeenPwned database against the domain
  • certificate: SSL Certificate test and verification using node-ssllabs talking with SSL Labs API
  • robots: Will scan the domain robots.txt file with robots-parse
  • subdomains: Will enumerate all hostname subdomains using subquest
  • threats: Will scan the domain using Google Safe Browsing API looking for known threats
  • virustotal: Will scan the domain using Virus Total APIv2 on domain/report endpoint
  • tld: Will scan all the other root TLDs possibilities for a given domain
  • typosquotting: Perform various typosquotting techniques and collect results
  • archived: Lookup the site using Wayback Machine API looking for archived pages
  • ctl: Find subdomains by abusing Certificate Transparency logs
  • tags: Will scan the domain's tracking code footprint with tag-recon to discover connections with other affiliated websites
const options = {
  sections: [


An array of sections to exclude from the tasks of the scanner:

const options = {
  exclude: ['emails']


An object with the API keys for the services involved in the scan. For example to use Hunter.io API:

const options = {
  keys: {
    hunterio: '<api-key>',
    google: '<api-key>',
    virustotal: '<api-key>',
    spyonweb: '<api-key>'

Possible keys for now: hunterio, google, virustotal, spyonweb


Perform additional tasks for the gathered results. For example test resulting emails with node-pwned for breaches, or testing nested domain details informations.

const options = {
  deep: true

Looking for the cli tool?

If you want to use it from the command line as a cli tool you have to download domain-scanner-cli module.

$ npm install -g domain-scanner-cli


  1. Create an issue and describe your idea
  2. Fork the project (https://github.com/b4dnewz/domain-scanner/fork)
  3. Create your feature branch (git checkout -b my-new-task)
  4. Commit your changes (git commit -am 'Add some task')
  5. Write some test (npm run test)
  6. Publish the branch (git push origin my-new-task)
  7. Create a new Pull Request


MIT © b4dnewz