Enterprise Domain Security & OSINT Analysis Platform
Project description
๐ WebAnalyzer v3.6.2 - Enterprise Domain Security & Intelligence Platform
๐ฅ Professional-grade domain analysis and security assessment platform ๐ฅ
โก Now with enterprise bulk processing capabilities โก
๐ Overview
WebAnalyzer v3.6.2 is the most advanced Python-based domain analysis framework designed for cybersecurity professionals, penetration testers, and security researchers. The platform combines reconnaissance, vulnerability assessment, and intelligence gathering with enterprise-grade bulk processing capabilities.
โจ Revolutionary Features
๐น ๐ข Enterprise Bulk Processing: MySQL-backed job queue system for massive scale operations (1K-50K+ domains)
๐น ๐ง AI-Powered Analysis: 12 specialized modules from reconnaissance to aggressive security testing
๐น โก Lightning Performance: Smart retry mechanisms, resource monitoring, and checkpoint recovery
๐น ๐ Professional Reporting: Comprehensive analytics with real-time metrics and success tracking
๐น ๐ก๏ธ Anti-Detection Arsenal: IP rotation, user-agent cycling, and advanced stealth capabilities
๐น ๐ Scalable Architecture: Support for 1-50 parallel workers with dynamic resource management
๐ฏ What's Revolutionary in v3.6.2
|
๐๏ธ Enterprise Infrastructure:
|
โ๏ธ Enhanced Processing:
|
๐๏ธ System Architecture
graph TB
A[๐๏ธ Management Layer] --> B[๐ Processing Engine]
A --> C[๐พ Database Layer]
A --> D[๐ฌ Analysis Modules]
B --> E[๐ฅ Worker Pool Controller]
B --> F[๐ Intelligent Retry System]
B --> G[๐ Resource Monitor]
B --> H[๐พ Progress Tracking]
C --> I[๐๏ธ MySQL Connection Pool]
C --> J[๐ Optimized Schemas]
C --> K[๐ Real-time Analytics]
C --> L[๐ฟ Data Persistence]
D --> M[๐ Intelligence Gathering]
D --> N[๐ต๏ธ Reconnaissance]
D --> O[๐ก๏ธ Security Assessment]
D --> P[โก Advanced Testing]
๐ ๏ธ Installation & Setup
๐ Prerequisites
- ๐ Python 3.8+ with pip package manager
- ๐๏ธ MySQL 8.0+ for enterprise bulk processing
- ๐ Go language (for Subfinder integration)
- ๐พ 4GB+ RAM recommended for bulk processing
๐ฆ Installation via PyPI (Pip)
WebAnalyzer is available on PyPI. You can install it globally and run the interactive CLI scanner instantly:
# Install the package
pip install webanalyzer-security
# Run the CLI tool
webanalyzer
๐ณ Docker Compose Installation (Frictionless - Recommended)
The fastest way to spin up the entire platform (MySQL database, FastAPI backend, and React dashboard) is using Docker Compose. This packages all dependencies (Python, Go, Node, Nmap, Subfinder) automatically:
# 1. Clone the repository
git clone https://github.com/frkndncr/WebAnalyzer.git
cd WebAnalyzer
# 2. Run the platform
docker compose up -d --build
- React Dashboard: http://localhost:8080
- FastAPI API Docs: http://localhost:8000/docs
โก Manual Installation (Developer Mode)
# ๐ฅ Clone the repository
git clone https://github.com/frkndncr/WebAnalyzer.git
cd WebAnalyzer
# ๐ฆ Install Python dependencies
pip install -r requirements.txt
# ๐๏ธ Database setup
# Configure your database connection in database/db_manager.py
# Update connection parameters:
config = {
'host': 'your_mysql_host',
'database': 'your_database_name',
'user': 'your_username',
'password': 'your_password',
# ... other settings
}
# ๐ Import database schema
mysql -u your_username -p your_database < database/schema.sql
# โ
Verify installation
python main.py --help
๐ฅ๏ธ Running the Cybersecurity Dashboard Manually
To run the full visual Command Center locally without Docker:
-
Start the FastAPI Backend:
uvicorn api:app --host 0.0.0.0 --port 8000 --reload
-
Start the React Frontend:
cd dashboard npm install npm run dev
Open http://localhost:5173 in your browser.
โ๏ธ Configuration
# โก Configure performance settings
export WEBANALYZER_MAX_WORKERS="10"
export WEBANALYZER_BATCH_SIZE="100"
# ๐ Proxy configuration (optional)
export WEBANALYZER_PROXY="http://proxy:8080"
๐ฎ Usage Guide
๐ฏ Interactive Analysis (Single Domain)
Perfect for individual domain analysis with module selection:
๐ python main.py
# Follow the interactive prompts
# Select domain and desired analysis modules
๐ข Enterprise Bulk Processing
For large-scale domain analysis (recommended for 100+ domains):
1๏ธโฃ Domain Preparation & Validation
Pre-validate domains to boost success rates:
# ๐ Basic validation
python domains-check.py --input domains.json --output validated_domains.json
# โก Advanced validation with custom settings
python domains-check.py --input raw_domains.json --output clean_domains.json --workers 15 --timeout 12
2๏ธโฃ Job Creation & Management
# ๐ Load domains for bulk processing
python bulk_scan.py --load validated_domains.json --job-name "๐ฅ Enterprise Security Audit"
# ๐ List all jobs to get job ID
python bulk_scan.py --list-jobs
# โก Process job with optimal settings
python bulk_scan.py --job-id 1 --workers 10
# ๐ High-performance processing (powerful servers)
python bulk_scan.py --job-id 1 --workers 20 --risky
# ๐ป Resource-constrained processing
python bulk_scan.py --job-id 1 --workers 3
3๏ธโฃ Monitoring & Recovery
# ๐ Monitor job progress
python bulk_scan.py --stats 1
# ๐ Resume interrupted job
python bulk_scan.py --resume 1 --workers 10
# ๐ Get detailed performance metrics
python monitor.py --job-id 1 --detailed
๐ฌ Analysis Modules
๐ Intelligence Gathering
| Module | Function | Output | Risk Level | Status |
|---|---|---|---|---|
| ๐ Domain Information | WHOIS data, registration details | Registrar, dates, status | ๐ข Low | โ Active |
| ๐ DNS Analysis | Comprehensive DNS record enumeration | A, MX, CNAME, TXT records | ๐ข Low | โ Active |
| ๐ SEO Analysis | Search optimization assessment | Performance, meta tags, structure | ๐ข Low | โ Enhanced |
| โ๏ธ Web Technologies | Technology stack fingerprinting | Server, frameworks, CMS detection | ๐ข Low | โ Enhanced |
๐ต๏ธ Reconnaissance
| Module | Function | Output | Risk Level | Status |
|---|---|---|---|---|
| ๐ Subdomain Discovery | Advanced subdomain enumeration | Active subdomains, DNS records | ๐ก Medium | โ Active |
| ๐ฅ Contact Intelligence | Contact information extraction | Emails, phones, social profiles | ๐ก Medium | โ Active |
| ๐ Advanced Content Scanner | Deep content analysis | Sensitive files, directories | ๐ก Medium | โ Active |
๐ก๏ธ Security Assessment
| Module | Function | Output | Risk Level | Status |
|---|---|---|---|---|
| ๐ Security Analysis | Headers, SSL/TLS, vulnerabilities | Security score, recommendations | ๐ก Medium | โ Enhanced |
| โ ๏ธ Subdomain Takeover | Takeover vulnerability detection | Exploitable subdomains | ๐ด High | โ Active |
| ๐ฉ๏ธ CloudFlare Bypass | WAF bypass techniques | Real IP discovery | ๐ด High | โ Active |
| ๐ Network Scanner | Port scanning, service enumeration | Open ports, running services | ๐ด High | โ Active |
| ๐ฅ API Security Scanner | API vulnerability assessment | Security flaws, exploitable endpoints | ๐ฃ Critical | โ Active |
๐ Performance & Scalability
๐ Benchmark Performance
- โก Processing Speed: 50-200 domains/minute (configuration dependent)
- ๐ฏ Success Rate: 85-95% with intelligent retry mechanisms
- ๐พ Resource Usage: 2-8GB RAM, moderate CPU utilization
- ๐๏ธ Database Performance: 1,000+ queries/second with connection pooling
- ๐ฆ Concurrent Capacity: Up to 1,000 domains in processing queue
โ๏ธ Optimization Guidelines
# ๐๏ธ System-based worker configuration
RECOMMENDED_WORKERS = {
'๐ป Development (4GB RAM)': 3,
'๐ข Production (8GB RAM)': 10,
'โก High-Performance (16GB+ RAM)': 20,
'๐ญ Enterprise Server': 30
}
# โฑ๏ธ Module timeout settings
MODULE_TIMEOUTS = {
'security_analysis': 30, # ๐ Complex analysis
'web_technologies': 35, # โ๏ธ Technology detection
'seo_analysis': 45, # ๐ Comprehensive SEO
'domain_info': 10, # ๐ WHOIS lookup
'domain_dns': 10 # ๐ DNS resolution
}
๐ Large-Scale Processing Example
For processing 25,000+ domains:
# 1๏ธโฃ Pre-validate domains (reduces failures)
python domains-check.py --input 25k_domains.json --output validated_25k.json --workers 20
# 2๏ธโฃ Load for processing
python bulk_scan.py --load validated_25k.json --job-name "๐ฅ 25K Domain Security Audit"
# 3๏ธโฃ Process with high-performance settings
python bulk_scan.py --job-id 2 --workers 15 --risky
# 4๏ธโฃ Monitor progress (estimated 3-5 hours for 25K domains)
python bulk_scan.py --stats 2 --refresh 30
๐ Project Structure
๐๏ธ WebAnalyzer/
โโโ ๐๏ธ main.py # Interactive analysis interface
โโโ ๐ bulk_scan.py # Enterprise bulk processing engine
โโโ โ
domains-check.py # Domain validation utility
โโโ ๐ monitor.py # Real-time monitoring system
โโโ ๐ check_progress.py # Progress tracking utility
โโโ โ๏ธ config.py # Configuration management
โโโ ๐ webanalyzer_socket.py # Socket communication
โโโ ๐ webanalyzer_config.json # Configuration file
โโโ ๐ฆ requirements.txt # Python dependencies
โโโ ๐ ๏ธ setup.sh # Installation automation
โโโ ๐ LICENSE # MIT License
โโโ ๐ README.md # Documentation (English)
โโโ ๐น๐ท README.TR.MD # Documentation (Turkish)
โ
โโโ ๐๏ธ database/ # Database layer
โ โโโ ๐ schema.sql # MySQL table definitions
โ โโโ ๐ db_manager.py # Connection pool & query optimization
โ
โโโ โก bulk/ # Bulk processing components
โ โโโ ๐ฅ loader.py # Domain loading & job creation
โ โโโ ๐ processor.py # Optimized processing engine
โ
โโโ ๐ฌ modules/ # Analysis modules
โ โโโ ๐ domain_info.py # WHOIS information retrieval
โ โโโ ๐ domain_dns.py # DNS record analysis
โ โโโ ๐ seo_analysis.py # SEO performance assessment
โ โโโ ๐ security_analysis.py # Security headers & SSL analysis
โ โโโ โ๏ธ web_technologies.py # Technology stack detection
โ โโโ โ ๏ธ subdomain_takeover.py # Vulnerability detection
โ โโโ ๐ advanced_content_scanner.py # Content analysis
โ โโโ ๐ฉ๏ธ cloudflare_bypass.py # WAF bypass techniques
โ โโโ ๐ฅ contact_spy.py # Contact information extraction
โ โโโ ๐ nmap_zero_day.py # Network vulnerability scanning
โ โโโ ๐ฅ api_security_scanner.py # API security assessment
โ โโโ ๐ต๏ธ subfinder_tool.py # Subdomain enumeration
โ โโโ ๐ universal_adapter.py # Module execution framework
โ
โโโ ๐ ๏ธ utils/ # Core utilities
โ โโโ ๐ฆ __init__.py # Package initialization
โ โโโ ๐ session_manager.py # Advanced session management
โ โโโ ๐ง module_wrapper.py # Execution framework
โ โโโ ๐ ๏ธ utils.py # Helper functions
โ
โโโ ๐ฃ payloads/ # Security testing payloads
โ โโโ ๐ api_endpoints.txt # API endpoint wordlist
โ โโโ ๐ auth_bypass_headers.txt # Authentication bypass headers
โ โโโ ๐ป command_injection.txt # Command injection payloads
โ โโโ ๐ lfi.txt # Local file inclusion payloads
โ โโโ ๐ nosql_injection.txt # NoSQL injection payloads
โ โโโ ๐ sql_injection.txt # SQL injection payloads
โ โโโ ๐ ssrf.txt # SSRF payloads
โ โโโ ๐ง ssti.txt # Server-side template injection
โ โโโ โก xss.txt # Cross-site scripting payloads
โ โโโ ๐ xxe.txt # XML external entity payloads
โ
โโโ ๐งช tests/ # Test suite
โโโ โ
test_main.py # Unit tests
๐ข Enterprise Features
๐๏ธ Database Schema
-- ๐ Job management
CREATE TABLE scan_jobs (
id INT AUTO_INCREMENT PRIMARY KEY,
job_name VARCHAR(255),
total_domains INT DEFAULT 0,
completed_domains INT DEFAULT 0,
status ENUM('pending', 'running', 'completed', 'failed') DEFAULT 'pending',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
started_at TIMESTAMP NULL,
completed_at TIMESTAMP NULL
);
-- ๐ Domain processing queue
CREATE TABLE domains (
id INT AUTO_INCREMENT PRIMARY KEY,
job_id INT,
domain VARCHAR(255) NOT NULL,
status ENUM('pending', 'scanning', 'completed', 'failed') DEFAULT 'pending',
priority INT DEFAULT 5,
retry_count INT DEFAULT 0,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
scanned_at TIMESTAMP NULL
);
-- ๐ Analysis results storage
CREATE TABLE scan_results (
id INT AUTO_INCREMENT PRIMARY KEY,
domain_id INT,
module_name VARCHAR(100),
status VARCHAR(50),
risk_level ENUM('low', 'medium', 'high', 'critical'),
score INT,
execution_time FLOAT,
result_data JSON,
error_message TEXT,
scanned_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- โ ๏ธ Vulnerability tracking
CREATE TABLE vulnerabilities (
id INT AUTO_INCREMENT PRIMARY KEY,
domain_id INT,
vulnerability_type VARCHAR(100),
severity ENUM('info', 'low', 'medium', 'high', 'critical'),
module_name VARCHAR(100),
details JSON,
discovered_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
โ๏ธ Advanced Configuration
# ๐ Worker pool optimization
BULK_PROCESSING_CONFIG = {
'max_workers': 20,
'batch_size': 100,
'checkpoint_interval': 60,
'retry_attempts': {
'security_analysis': 3,
'web_technologies': 4,
'seo_analysis': 4,
'domain_dns': 2
},
'timeout_settings': {
'security_analysis': 30,
'web_technologies': 45,
'seo_analysis': 45,
'domain_info': 10,
'domain_dns': 10
}
}
โ๏ธ Legal & Ethical Considerations
๐จ CRITICAL LEGAL NOTICE ๐จ
WebAnalyzer includes modules capable of aggressive security testing including vulnerability scanning, exploitation attempts, and authentication bypass techniques.
โ ๏ธ AUTHORIZED USE ONLY โ ๏ธ
๐น Only test systems you own or have explicit written permission to test
๐น Respect rate limits and terms of service
๐น Follow responsible disclosure practices for discovered vulnerabilities
๐น Comply with local laws and regulations regarding security testing
โ UNAUTHORIZED SECURITY TESTING MAY BE ILLEGAL โ
DISCLAIMER: Users are solely responsible for ensuring lawful use. Tool developers are not liable for misuse or damages.
๐ค Support & Professional Services
๐ Community Support
- ๐ GitHub Issues: Bug reports and feature requests
- ๐ Documentation: Comprehensive guides and API documentation
- ๐ฌ Community Forum: User discussions and best practices
๐ข Professional Services
- ๐๏ธ Enterprise Consulting: Large-scale deployment assistance
- ๐ง Custom Module Development: Specialized analysis requirements
- ๐ Training Programs: Team certification and advanced usage
- ๐ ๏ธ Managed Services: Fully managed security assessment solutions
๐ Contact Information
| Contact | Link |
|---|---|
| ๐จโ๐ป Developer | Furkan Dinรงer |
| ๐ผ LinkedIn | Professional Profile |
| ๐ธ Instagram | @f3rrkan |
| ๐ง Email | hi@c4softwarestudio.com |
๐ License
This project is licensed under the MIT License - see the LICENSE file for complete terms.
๐ข Enterprise License Available: Contact for advanced features, priority support, and commercial licensing options.
๐ Ready for enterprise-scale security assessments? ๐
๐ฏ Built with precision by Furkan Dinรงer for the cybersecurity community ๐ฏ
โญ Star this repository to support professional security tools development โญ
๐ฅ WebAnalyzer v3.0 - The Ultimate Domain Security Platform ๐ฅ
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file webanalyzer_security-3.6.2.tar.gz.
File metadata
- Download URL: webanalyzer_security-3.6.2.tar.gz
- Upload date:
- Size: 188.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0f0f82bbc209cb2ea63c037a5a3121251318885f5cee8c1b56b21e214ac94d28
|
|
| MD5 |
b554f7e15646ac8e30fa613c606642f9
|
|
| BLAKE2b-256 |
4cb9b02d25512142c4bbb5463fcffe68574635f1e12706f5e282f0da23b76560
|
File details
Details for the file webanalyzer_security-3.6.2-py3-none-any.whl.
File metadata
- Download URL: webanalyzer_security-3.6.2-py3-none-any.whl
- Upload date:
- Size: 195.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
768d6ecdd93c9ffb28120843c924513fa676749b3cc6aceab986e99adcbd9858
|
|
| MD5 |
e598ea51fdd0eca4dd40e2a6b02a58be
|
|
| BLAKE2b-256 |
4e746a37692c4b75295cc0bdf30a6e0f6402f26685bdf8a126a3a0c8fb317aa6
|