Checking a domain means hopping between dig, whois, openssl, nmap, crt.sh and a stack of browser tabs — then copy-pasting it all into a doc. ReconKit runs every check at once and compiles a single ranked report you can export to PDF. Minutes of busywork, gone.
The same checks a reviewer runs by hand — gathered, ranked, and exported in one pass.
Full surface-level reconnaissance of any domain, from a native macOS app.
A, AAAA, MX, NS, TXT, SOA, plus SPF, DMARC, DNSSEC and CAA hygiene in one pass.
Discovered from Certificate Transparency logs (crt.sh), then resolved to find live hosts.
Certificate details, expiry, issuer chain, and certificate-transparency log entries.
Security headers, server fingerprint, redirects, and full response analysis.
TCP handshake against 15 common ports, with banner grabs on plaintext services.
Registrar, creation and expiry dates, and domain status via the authoritative registry.
Have I Been Pwned and URLhaus for free; add your own VirusTotal key for 90+ vendors.
Re-scan over time, compare snapshots, and export the whole report as PDF.
No flags, no man pages, no copy-pasting between tools.
Type any domain or hostname into the bar.
ReconKit fans out every probe in parallel.
Structured findings in seconds. Export to PDF.
Free and open source. No accounts, no tracking, no telemetry. Every probe runs locally on your Mac — read the code yourself.
Star on GitHubNo fearmongering. No 40-page PDF. A short, ranked report your web person or IT can act on the same day — industry-standard scanners, read by a human.
The report is the proof.