Skip to main content

Enterprise Domain Security & OSINT Analysis Platform

Project description

๐Ÿš€ WebAnalyzer v3.5.0 - Enterprise Domain Security & Intelligence Platform

WebAnalyzer Banner Python MySQL License Security

๐Ÿ”ฅ Professional-grade domain analysis and security assessment platform ๐Ÿ”ฅ

โšก Now with enterprise bulk processing capabilities โšก

GitHub stars GitHub forks


๐ŸŒŸ Overview

WebAnalyzer Dashboard Mockup

WebAnalyzer v3.5.0 is the most advanced Python-based domain analysis framework designed for cybersecurity professionals, penetration testers, and security researchers. The platform combines reconnaissance, vulnerability assessment, and intelligence gathering with enterprise-grade bulk processing capabilities.

โœจ Revolutionary Features

๐Ÿ”น ๐Ÿข Enterprise Bulk Processing: MySQL-backed job queue system for massive scale operations (1K-50K+ domains)
๐Ÿ”น ๐Ÿง  AI-Powered Analysis: 12 specialized modules from reconnaissance to aggressive security testing
๐Ÿ”น โšก Lightning Performance: Smart retry mechanisms, resource monitoring, and checkpoint recovery
๐Ÿ”น ๐Ÿ“Š Professional Reporting: Comprehensive analytics with real-time metrics and success tracking
๐Ÿ”น ๐Ÿ›ก๏ธ Anti-Detection Arsenal: IP rotation, user-agent cycling, and advanced stealth capabilities
๐Ÿ”น ๐Ÿš€ Scalable Architecture: Support for 1-50 parallel workers with dynamic resource management

๐ŸŽฏ What's Revolutionary in v3.5.0

๐Ÿ—๏ธ Enterprise Infrastructure:

  • ๐Ÿ—„๏ธ MySQL database with optimized schemas
  • ๐Ÿ“‹ Advanced job queue with progress tracking
  • โœ… Domain pre-validation system
  • ๐Ÿ“ˆ Real-time performance monitoring
  • ๐Ÿ”„ Intelligent retry with module-specific config

โš™๏ธ Enhanced Processing:

  • ๐Ÿ‘ฅ Worker pool architecture (1-50 concurrent)
  • ๐Ÿ“ฆ Dynamic batch sizing
  • ๐Ÿ’พ Checkpoint recovery system
  • โฑ๏ธ Module-specific timeouts
  • ๐Ÿ” Smart vulnerability detection

๐Ÿ›๏ธ System Architecture

graph TB
    A[๐ŸŽ›๏ธ Management Layer] --> B[๐Ÿš€ Processing Engine]
    A --> C[๐Ÿ’พ Database Layer]
    A --> D[๐Ÿ”ฌ Analysis Modules]
    
    B --> E[๐Ÿ‘ฅ Worker Pool Controller]
    B --> F[๐Ÿ”„ Intelligent Retry System]
    B --> G[๐Ÿ“Š Resource Monitor]
    B --> H[๐Ÿ’พ Progress Tracking]
    
    C --> I[๐Ÿ—„๏ธ MySQL Connection Pool]
    C --> J[๐Ÿ“‹ Optimized Schemas]
    C --> K[๐Ÿ“ˆ Real-time Analytics]
    C --> L[๐Ÿ’ฟ Data Persistence]
    
    D --> M[๐Ÿ” Intelligence Gathering]
    D --> N[๐Ÿ•ต๏ธ Reconnaissance]
    D --> O[๐Ÿ›ก๏ธ Security Assessment]
    D --> P[โšก Advanced Testing]

๐Ÿ› ๏ธ Installation & Setup

๐Ÿ“‹ Prerequisites

  • ๐Ÿ Python 3.8+ with pip package manager
  • ๐Ÿ—„๏ธ MySQL 8.0+ for enterprise bulk processing
  • ๐Ÿš€ Go language (for Subfinder integration)
  • ๐Ÿ’พ 4GB+ RAM recommended for bulk processing

๐Ÿ“ฆ Installation via PyPI (Pip)

WebAnalyzer is available on PyPI. You can install it globally and run the interactive CLI scanner instantly:

# Install the package
pip install webanalyzer-security

# Run the CLI tool
webanalyzer

๐Ÿณ Docker Compose Installation (Frictionless - Recommended)

The fastest way to spin up the entire platform (MySQL database, FastAPI backend, and React dashboard) is using Docker Compose. This packages all dependencies (Python, Go, Node, Nmap, Subfinder) automatically:

# 1. Clone the repository
git clone https://github.com/frkndncr/WebAnalyzer.git
cd WebAnalyzer

# 2. Run the platform
docker compose up -d --build

โšก Manual Installation (Developer Mode)

# ๐Ÿ“ฅ Clone the repository
git clone https://github.com/frkndncr/WebAnalyzer.git
cd WebAnalyzer

# ๐Ÿ“ฆ Install Python dependencies
pip install -r requirements.txt

# ๐Ÿ—„๏ธ Database setup
# Configure your database connection in database/db_manager.py
# Update connection parameters:
config = {
    'host': 'your_mysql_host',
    'database': 'your_database_name',
    'user': 'your_username',
    'password': 'your_password',
    # ... other settings
}

# ๐Ÿ“‹ Import database schema
mysql -u your_username -p your_database < database/schema.sql

# โœ… Verify installation
python main.py --help

๐Ÿ–ฅ๏ธ Running the Cybersecurity Dashboard Manually

To run the full visual Command Center locally without Docker:

  1. Start the FastAPI Backend:

    uvicorn api:app --host 0.0.0.0 --port 8000 --reload
    
  2. Start the React Frontend:

    cd dashboard
    npm install
    npm run dev
    

    Open http://localhost:5173 in your browser.

โš™๏ธ Configuration

# โšก Configure performance settings
export WEBANALYZER_MAX_WORKERS="10"
export WEBANALYZER_BATCH_SIZE="100"

# ๐ŸŒ Proxy configuration (optional)
export WEBANALYZER_PROXY="http://proxy:8080"

๐ŸŽฎ Usage Guide

๐ŸŽฏ Interactive Analysis (Single Domain)

Perfect for individual domain analysis with module selection:

๐Ÿš€ python main.py
# Follow the interactive prompts
# Select domain and desired analysis modules

๐Ÿข Enterprise Bulk Processing

For large-scale domain analysis (recommended for 100+ domains):

1๏ธโƒฃ Domain Preparation & Validation

Pre-validate domains to boost success rates:

# ๐Ÿ” Basic validation
python domains-check.py --input domains.json --output validated_domains.json

# โšก Advanced validation with custom settings
python domains-check.py --input raw_domains.json --output clean_domains.json --workers 15 --timeout 12

2๏ธโƒฃ Job Creation & Management

# ๐Ÿ“‹ Load domains for bulk processing
python bulk_scan.py --load validated_domains.json --job-name "๐Ÿ”ฅ Enterprise Security Audit"

# ๐Ÿ“Š List all jobs to get job ID
python bulk_scan.py --list-jobs

# โšก Process job with optimal settings
python bulk_scan.py --job-id 1 --workers 10

# ๐Ÿš€ High-performance processing (powerful servers)
python bulk_scan.py --job-id 1 --workers 20 --risky

# ๐Ÿ’ป Resource-constrained processing
python bulk_scan.py --job-id 1 --workers 3

3๏ธโƒฃ Monitoring & Recovery

# ๐Ÿ“ˆ Monitor job progress
python bulk_scan.py --stats 1

# ๐Ÿ”„ Resume interrupted job
python bulk_scan.py --resume 1 --workers 10

# ๐Ÿ“Š Get detailed performance metrics
python monitor.py --job-id 1 --detailed

๐Ÿ”ฌ Analysis Modules

๐Ÿ” Intelligence Gathering

Module Function Output Risk Level Status
๐ŸŒ Domain Information WHOIS data, registration details Registrar, dates, status ๐ŸŸข Low โœ… Active
๐Ÿ” DNS Analysis Comprehensive DNS record enumeration A, MX, CNAME, TXT records ๐ŸŸข Low โœ… Active
๐Ÿ“ˆ SEO Analysis Search optimization assessment Performance, meta tags, structure ๐ŸŸข Low โœ… Enhanced
โš™๏ธ Web Technologies Technology stack fingerprinting Server, frameworks, CMS detection ๐ŸŸข Low โœ… Enhanced

๐Ÿ•ต๏ธ Reconnaissance

Module Function Output Risk Level Status
๐Ÿ” Subdomain Discovery Advanced subdomain enumeration Active subdomains, DNS records ๐ŸŸก Medium โœ… Active
๐Ÿ‘ฅ Contact Intelligence Contact information extraction Emails, phones, social profiles ๐ŸŸก Medium โœ… Active
๐Ÿ“ Advanced Content Scanner Deep content analysis Sensitive files, directories ๐ŸŸก Medium โœ… Active

๐Ÿ›ก๏ธ Security Assessment

Module Function Output Risk Level Status
๐Ÿ”’ Security Analysis Headers, SSL/TLS, vulnerabilities Security score, recommendations ๐ŸŸก Medium โœ… Enhanced
โš ๏ธ Subdomain Takeover Takeover vulnerability detection Exploitable subdomains ๐Ÿ”ด High โœ… Active
๐ŸŒฉ๏ธ CloudFlare Bypass WAF bypass techniques Real IP discovery ๐Ÿ”ด High โœ… Active
๐Ÿ” Network Scanner Port scanning, service enumeration Open ports, running services ๐Ÿ”ด High โœ… Active
๐Ÿ”ฅ API Security Scanner API vulnerability assessment Security flaws, exploitable endpoints ๐ŸŸฃ Critical โœ… Active

๐Ÿ“Š Performance & Scalability

๐Ÿ† Benchmark Performance

  • โšก Processing Speed: 50-200 domains/minute (configuration dependent)
  • ๐ŸŽฏ Success Rate: 85-95% with intelligent retry mechanisms
  • ๐Ÿ’พ Resource Usage: 2-8GB RAM, moderate CPU utilization
  • ๐Ÿ—„๏ธ Database Performance: 1,000+ queries/second with connection pooling
  • ๐Ÿ“ฆ Concurrent Capacity: Up to 1,000 domains in processing queue

โš™๏ธ Optimization Guidelines

# ๐ŸŽ›๏ธ System-based worker configuration
RECOMMENDED_WORKERS = {
    '๐Ÿ’ป Development (4GB RAM)': 3,
    '๐Ÿข Production (8GB RAM)': 10,
    'โšก High-Performance (16GB+ RAM)': 20,
    '๐Ÿญ Enterprise Server': 30
}

# โฑ๏ธ Module timeout settings
MODULE_TIMEOUTS = {
    'security_analysis': 30,    # ๐Ÿ”’ Complex analysis
    'web_technologies': 35,     # โš™๏ธ Technology detection
    'seo_analysis': 45,         # ๐Ÿ“ˆ Comprehensive SEO
    'domain_info': 10,          # ๐ŸŒ WHOIS lookup
    'domain_dns': 10            # ๐Ÿ” DNS resolution
}

๐Ÿš€ Large-Scale Processing Example

For processing 25,000+ domains:

# 1๏ธโƒฃ Pre-validate domains (reduces failures)
python domains-check.py --input 25k_domains.json --output validated_25k.json --workers 20

# 2๏ธโƒฃ Load for processing
python bulk_scan.py --load validated_25k.json --job-name "๐Ÿ”ฅ 25K Domain Security Audit"

# 3๏ธโƒฃ Process with high-performance settings
python bulk_scan.py --job-id 2 --workers 15 --risky

# 4๏ธโƒฃ Monitor progress (estimated 3-5 hours for 25K domains)
python bulk_scan.py --stats 2 --refresh 30

๐Ÿ“ Project Structure

๐Ÿ—๏ธ WebAnalyzer/
โ”œโ”€โ”€ ๐ŸŽ›๏ธ main.py                          # Interactive analysis interface
โ”œโ”€โ”€ ๐Ÿš€ bulk_scan.py                     # Enterprise bulk processing engine  
โ”œโ”€โ”€ โœ… domains-check.py                 # Domain validation utility
โ”œโ”€โ”€ ๐Ÿ“Š monitor.py                       # Real-time monitoring system
โ”œโ”€โ”€ ๐Ÿ“ˆ check_progress.py               # Progress tracking utility
โ”œโ”€โ”€ โš™๏ธ config.py                       # Configuration management
โ”œโ”€โ”€ ๐Ÿ”Œ webanalyzer_socket.py           # Socket communication
โ”œโ”€โ”€ ๐Ÿ“‹ webanalyzer_config.json         # Configuration file
โ”œโ”€โ”€ ๐Ÿ“ฆ requirements.txt                 # Python dependencies
โ”œโ”€โ”€ ๐Ÿ› ๏ธ setup.sh                        # Installation automation
โ”œโ”€โ”€ ๐Ÿ“„ LICENSE                          # MIT License
โ”œโ”€โ”€ ๐Ÿ“š README.md                       # Documentation (English)
โ”œโ”€โ”€ ๐Ÿ‡น๐Ÿ‡ท README.TR.MD                    # Documentation (Turkish)
โ”‚
โ”œโ”€โ”€ ๐Ÿ—„๏ธ database/                       # Database layer
โ”‚   โ”œโ”€โ”€ ๐Ÿ“‹ schema.sql                  # MySQL table definitions
โ”‚   โ””โ”€โ”€ ๐Ÿ”— db_manager.py              # Connection pool & query optimization
โ”‚
โ”œโ”€โ”€ โšก bulk/                          # Bulk processing components
โ”‚   โ”œโ”€โ”€ ๐Ÿ“ฅ loader.py                  # Domain loading & job creation
โ”‚   โ””โ”€โ”€ ๐Ÿš€ processor.py               # Optimized processing engine
โ”‚
โ”œโ”€โ”€ ๐Ÿ”ฌ modules/                       # Analysis modules
โ”‚   โ”œโ”€โ”€ ๐ŸŒ domain_info.py             # WHOIS information retrieval
โ”‚   โ”œโ”€โ”€ ๐Ÿ” domain_dns.py              # DNS record analysis  
โ”‚   โ”œโ”€โ”€ ๐Ÿ“ˆ seo_analysis.py            # SEO performance assessment
โ”‚   โ”œโ”€โ”€ ๐Ÿ”’ security_analysis.py       # Security headers & SSL analysis
โ”‚   โ”œโ”€โ”€ โš™๏ธ web_technologies.py        # Technology stack detection
โ”‚   โ”œโ”€โ”€ โš ๏ธ subdomain_takeover.py      # Vulnerability detection
โ”‚   โ”œโ”€โ”€ ๐Ÿ“ advanced_content_scanner.py # Content analysis
โ”‚   โ”œโ”€โ”€ ๐ŸŒฉ๏ธ cloudflare_bypass.py       # WAF bypass techniques
โ”‚   โ”œโ”€โ”€ ๐Ÿ‘ฅ contact_spy.py             # Contact information extraction
โ”‚   โ”œโ”€โ”€ ๐Ÿ” nmap_zero_day.py           # Network vulnerability scanning
โ”‚   โ”œโ”€โ”€ ๐Ÿ”ฅ api_security_scanner.py    # API security assessment
โ”‚   โ”œโ”€โ”€ ๐Ÿ•ต๏ธ subfinder_tool.py          # Subdomain enumeration
โ”‚   โ””โ”€โ”€ ๐Ÿ”Œ universal_adapter.py       # Module execution framework
โ”‚
โ”œโ”€โ”€ ๐Ÿ› ๏ธ utils/                         # Core utilities
โ”‚   โ”œโ”€โ”€ ๐Ÿ“ฆ __init__.py                # Package initialization
โ”‚   โ”œโ”€โ”€ ๐Ÿ”„ session_manager.py         # Advanced session management
โ”‚   โ”œโ”€โ”€ ๐Ÿ”ง module_wrapper.py          # Execution framework
โ”‚   โ””โ”€โ”€ ๐Ÿ› ๏ธ utils.py                   # Helper functions
โ”‚
โ”œโ”€โ”€ ๐Ÿ’ฃ payloads/                      # Security testing payloads
โ”‚   โ”œโ”€โ”€ ๐Ÿ”— api_endpoints.txt          # API endpoint wordlist
โ”‚   โ”œโ”€โ”€ ๐Ÿ”“ auth_bypass_headers.txt    # Authentication bypass headers
โ”‚   โ”œโ”€โ”€ ๐Ÿ’ป command_injection.txt      # Command injection payloads
โ”‚   โ”œโ”€โ”€ ๐Ÿ“ lfi.txt                    # Local file inclusion payloads
โ”‚   โ”œโ”€โ”€ ๐Ÿƒ nosql_injection.txt        # NoSQL injection payloads
โ”‚   โ”œโ”€โ”€ ๐Ÿ’‰ sql_injection.txt          # SQL injection payloads
โ”‚   โ”œโ”€โ”€ ๐Ÿ”— ssrf.txt                   # SSRF payloads
โ”‚   โ”œโ”€โ”€ ๐Ÿ”ง ssti.txt                   # Server-side template injection
โ”‚   โ”œโ”€โ”€ โšก xss.txt                     # Cross-site scripting payloads
โ”‚   โ””โ”€โ”€ ๐Ÿ“„ xxe.txt                    # XML external entity payloads
โ”‚
โ””โ”€โ”€ ๐Ÿงช tests/                         # Test suite
    โ””โ”€โ”€ โœ… test_main.py               # Unit tests

๐Ÿข Enterprise Features

๐Ÿ—„๏ธ Database Schema

-- ๐Ÿ“‹ Job management
CREATE TABLE scan_jobs (
    id INT AUTO_INCREMENT PRIMARY KEY,
    job_name VARCHAR(255),
    total_domains INT DEFAULT 0,
    completed_domains INT DEFAULT 0,
    status ENUM('pending', 'running', 'completed', 'failed') DEFAULT 'pending',
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    started_at TIMESTAMP NULL,
    completed_at TIMESTAMP NULL
);

-- ๐ŸŒ Domain processing queue
CREATE TABLE domains (
    id INT AUTO_INCREMENT PRIMARY KEY,
    job_id INT,
    domain VARCHAR(255) NOT NULL,
    status ENUM('pending', 'scanning', 'completed', 'failed') DEFAULT 'pending',
    priority INT DEFAULT 5,
    retry_count INT DEFAULT 0,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    scanned_at TIMESTAMP NULL
);

-- ๐Ÿ“Š Analysis results storage
CREATE TABLE scan_results (
    id INT AUTO_INCREMENT PRIMARY KEY,
    domain_id INT,
    module_name VARCHAR(100),
    status VARCHAR(50),
    risk_level ENUM('low', 'medium', 'high', 'critical'),
    score INT,
    execution_time FLOAT,
    result_data JSON,
    error_message TEXT,
    scanned_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

-- โš ๏ธ Vulnerability tracking
CREATE TABLE vulnerabilities (
    id INT AUTO_INCREMENT PRIMARY KEY,
    domain_id INT,
    vulnerability_type VARCHAR(100),
    severity ENUM('info', 'low', 'medium', 'high', 'critical'),
    module_name VARCHAR(100),
    details JSON,
    discovered_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

โš™๏ธ Advanced Configuration

# ๐Ÿš€ Worker pool optimization
BULK_PROCESSING_CONFIG = {
    'max_workers': 20,
    'batch_size': 100,
    'checkpoint_interval': 60,
    'retry_attempts': {
        'security_analysis': 3,
        'web_technologies': 4,
        'seo_analysis': 4,
        'domain_dns': 2
    },
    'timeout_settings': {
        'security_analysis': 30,
        'web_technologies': 45,
        'seo_analysis': 45,
        'domain_info': 10,
        'domain_dns': 10
    }
}

โš–๏ธ Legal & Ethical Considerations

๐Ÿšจ CRITICAL LEGAL NOTICE ๐Ÿšจ

WebAnalyzer includes modules capable of aggressive security testing including vulnerability scanning, exploitation attempts, and authentication bypass techniques.

โš ๏ธ AUTHORIZED USE ONLY โš ๏ธ

๐Ÿ”น Only test systems you own or have explicit written permission to test
๐Ÿ”น Respect rate limits and terms of service
๐Ÿ”น Follow responsible disclosure practices for discovered vulnerabilities
๐Ÿ”น Comply with local laws and regulations regarding security testing

โŒ UNAUTHORIZED SECURITY TESTING MAY BE ILLEGAL โŒ

DISCLAIMER: Users are solely responsible for ensuring lawful use. Tool developers are not liable for misuse or damages.


๐Ÿค Support & Professional Services

๐ŸŒ Community Support

  • ๐Ÿ› GitHub Issues: Bug reports and feature requests
  • ๐Ÿ“š Documentation: Comprehensive guides and API documentation
  • ๐Ÿ’ฌ Community Forum: User discussions and best practices

๐Ÿข Professional Services

  • ๐Ÿ—๏ธ Enterprise Consulting: Large-scale deployment assistance
  • ๐Ÿ”ง Custom Module Development: Specialized analysis requirements
  • ๐ŸŽ“ Training Programs: Team certification and advanced usage
  • ๐Ÿ› ๏ธ Managed Services: Fully managed security assessment solutions

๐Ÿ“ž Contact Information

Contact Link
๐Ÿ‘จโ€๐Ÿ’ป Developer Furkan Dinรงer
๐Ÿ’ผ LinkedIn Professional Profile
๐Ÿ“ธ Instagram @f3rrkan
๐Ÿ“ง Email hi@c4softwarestudio.com

๐Ÿ“„ License

This project is licensed under the MIT License - see the LICENSE file for complete terms.

๐Ÿข Enterprise License Available: Contact for advanced features, priority support, and commercial licensing options.


๐Ÿš€ Ready for enterprise-scale security assessments? ๐Ÿš€


Download Latest View Docs Enterprise Demo


๐ŸŽฏ Built with precision by Furkan Dinรงer for the cybersecurity community ๐ŸŽฏ


โญ Star this repository to support professional security tools development โญ


GitHub stars GitHub forks GitHub watchers


๐Ÿ”ฅ WebAnalyzer v3.0 - The Ultimate Domain Security Platform ๐Ÿ”ฅ

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

webanalyzer_security-3.5.0.tar.gz (177.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

webanalyzer_security-3.5.0-py3-none-any.whl (182.7 kB view details)

Uploaded Python 3

File details

Details for the file webanalyzer_security-3.5.0.tar.gz.

File metadata

  • Download URL: webanalyzer_security-3.5.0.tar.gz
  • Upload date:
  • Size: 177.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.1

File hashes

Hashes for webanalyzer_security-3.5.0.tar.gz
Algorithm Hash digest
SHA256 b14d06fa0d7881ebdaeaf5a078b9fd414ff5819569372bace787c3e21627f2d4
MD5 40eea22fc662eaa0bfc384f2a088089e
BLAKE2b-256 62d44b75c1bab075dc4b72810dfc6db70f50c7845665104477426bab3fa9583a

See more details on using hashes here.

File details

Details for the file webanalyzer_security-3.5.0-py3-none-any.whl.

File metadata

File hashes

Hashes for webanalyzer_security-3.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 6daf5551d43847392db9135ae32e1250aa793ef16909679a7ef843234e411036
MD5 e2ef6e14c84be33c904b78bd041c856d
BLAKE2b-256 7440bb147d1d4e642714ee7684bfa12d8195d992e9c33df186e3df4f4be06ba5

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page