Map a network, read what it is exposing, and check what the public internet already knows about a target. These are the first tools you reach for in any assessment.
Break any IPv4 CIDR into network, broadcast, usable host range and binary, with subnet splitting and a CIDR cheat sheet.
Pull registration, registrar, name servers and live DNS records for any domain through public RDAP and DNS. No key needed.
Searchable reference of common TCP and UDP ports, the service on each, a risk rating, and the Nmap command to probe it.
Grade a site TLS setup, certificate chain, expiry and protocol support so you know what you are trusting before you connect.
Generate hardened TLS configuration for Nginx, Apache and more, with strong ciphers and only the protocols you choose.
Read a domain email authentication records and surface the gaps attackers use to spoof and phish from a trusted name.
Inspect a site response headers and score the security ones, flagging missing HSTS, CSP, X-Frame-Options and the rest.
Reference on common protocols, their weaknesses and the secure alternative, from Telnet and FTP to DNS, SNMP and more.
Look up A, AAAA, MX, TXT, NS and CNAME records for any domain over DNS over HTTPS, straight from the browser.
Resolve any IPv4 or IPv6 address to its PTR record and see the hostname it claims to map back to.
Check an email address for valid syntax and whether its domain can actually receive mail, with a live MX lookup.
Map an IP to the Autonomous System that announces it: AS number, owning organisation, BGP prefix and registry.
Identify the hardware maker behind a MAC address and read the bits that mark it global or locally administered.
Resolve an IP to its approximate location, network owner and timezone, or look up your own public IP.
Check an IP against VirusTotal and AbuseIPDB at once for vendor detections, an abuse confidence score and report history.
Reference tools last reviewed June 2026. Ports, protocols and frameworks are checked quarterly.
Free for learners. Tell us who you are once and every tool opens after that. It helps us keep the tools working and build what you actually need.
One time only. We never sell your data.
