Look Up DNS Records
Query DNS records for any domain to inspect A, AAAA, MX, CNAME, TXT, and NS configurations.
SSL and DNS Audit
Audit SSL certificates, DNS configuration, HTTP security headers, and domain registration for security gaps.
SSL and DNS misconfigurations are among the most common causes of security incidents, from expired certificates causing outages to missing DMARC records enabling email spoofing. This workflow systematically audits every layer of your domain security configuration to catch issues before they become incidents.
The audit covers certificate validity and cipher strength, DNS security records (SPF, DKIM, DMARC, CAA, DNSSEC), HTTP security headers, and domain registration hygiene. Results are actionable, highlighting exactly which records need to be added or modified to meet security best practices.
Steps
1
Inspect SSL/TLS Certificates
Check SSL/TLS certificate validity, expiration dates, chain of trust, and cipher suite configuration.
Input: Domain name to inspect SSL certificates for.
Output: Certificate details including issuer, validity period, chain status, and supported protocols.
2
Audit DNS Configuration
Examine DNS records including SPF, DKIM, DMARC, CAA, and DNSSEC configuration for security misconfigurations.
Input: Domain name and record types to query.
Output: Complete DNS record set with security-relevant records highlighted.
3
Probe HTTP Security Headers
Analyze HTTP response headers for security configurations including HSTS, CSP, X-Frame-Options, and cookie flags.
Input: Domain endpoints to probe for security headers.
Output: HTTP security header analysis with missing or misconfigured headers flagged.
4
Verify Domain Registration
Check domain registration details, registrar information, and expiration dates to ensure proper domain security.
Input: Domain name to look up registration details.
Output: WHOIS/RDAP data including registrar, registration dates, nameservers, and registrant information.
Benefits
- Prevent certificate expiration outages with proactive monitoring
- Detect email spoofing risks from missing SPF/DKIM/DMARC records
- Identify weak cipher suites and protocol versions
- Verify domain registration is locked and properly configured
- Ensure HTTP security headers meet OWASP recommendations
Related Use Cases
Check DNS Propagation Status
Verify whether recent DNS changes have propagated and the new records are live.
Probe Security Headers
Check HTTP security headers across your web properties to identify missing protections like CSP, HSTS, and X-Frame-Options.
Discover Hidden Services
Find hidden or forgotten web services running on your infrastructure that may be exposed without your knowledge.
Look Up Domain Registration Details
Query WHOIS and RDAP databases to get complete registration information for any domain.
Check Domain Expiration Dates
Monitor when domains expire to prevent accidental lapses or plan acquisition of expiring domains.
Geolocate Website Visitors
Determine the geographic location of website visitors from their IP addresses for analytics and personalization.
Detect Suspicious Login Locations
Flag logins from unexpected geographic locations by comparing IP geolocation against known user patterns.