Home
Welcome to the official DomainRaptor documentation! DomainRaptor is a powerful Cyber Intelligence Tool for domain reconnaissance and security assessment.
- Discover Commands
-
Recon Commands — full ASM workflow (
recon fullscan) -
Assess Commands — includes
assess exploits(KEV / EPSS / Exploit-DB) - Enrich Commands — URLScan & 3rd-party intelligence
- Report Commands
- Watch Commands
- Compare Commands
- Database Commands
-
Terminal UI (TUI) — full-screen Textual app (
domainraptor tui)
- API Keys Setup
- Output Formats
- Scan Modes
- Risk Algorithm — how the 0-100 risk score is calculated
- Examples & Use Cases
DomainRaptor is a comprehensive cyber intelligence tool designed for:
- 🔍 Domain Discovery - Find subdomains, DNS records, and related assets
- 🛡️ Security Assessment - Identify vulnerabilities and misconfigurations
- 📊 Reporting - Generate detailed security reports in multiple formats
- 👁️ Monitoring - Track changes in your attack surface over time
- 📈 Comparison - Compare scan results and detect changes
| Feature | Description |
|---|---|
| Multi-source Discovery | Integrates with crt.sh, HackerTarget, Shodan, ZoomEye, Censys |
| Full ASM workflow |
recon fullscan aggregates every source into one report |
| SSL/TLS Analysis | Deep certificate analysis and validation |
| DNS Security Checks | DNSSEC, SPF, DMARC, DKIM verification |
| HTTP Header Analysis | Security header compliance checking |
| Vulnerability Scanning | CVE database correlation (Shodan + NVD) |
| Exploit Intelligence | CISA KEV, EPSS scores and Exploit-DB references (no API key required) |
| 3rd-party enrichment | URLScan.io history and metadata |
| Multiple Output Formats | JSON, YAML, HTML, Markdown, PDF |
| Persistent Storage | SQLite database for scan history |
| Change Detection | Track modifications between scans |
| Risk Scoring | Weighted 0-100 score with KEV / EPSS bonuses (details) |
| Terminal UI | Full-screen interactive interface — domainraptor tui
|
# 1. Build the attack surface (subdomains → IPs → services → CVEs)
domainraptor recon fullscan example.com
# 2. Enrich every CVE with CISA KEV / EPSS / Exploit-DB
domainraptor assess exploits example.com --save
# 3. Render a polished HTML report with KEV badges and exploit links
domainraptor report generate example.com -f html -o report.html
# Or launch the interactive TUI
domainraptor tui-
CLI Help: Run
domainraptor --helpordomainraptor <command> --help - Issues: GitHub Issues
- Discussions: GitHub Discussions
Next: Installation Guide →