50% off the first month with code OSINT50Ends in --:--:--

PRO

OSINT Domain Analyzer

The Domain Analyzer builds a complete map of a domain’s infrastructure: DNS records, WHOIS data, subdomains, IP addresses, SSL certificates and exposed employee emails. It is the key tool for passive reconnaissance and for understanding an organization’s attack surface.

Open tool See all tools

What it does

  • DNS records and WHOIS data for the domain.
  • Subdomain enumeration (including passive discovery with BBOT).
  • Associated IPs, SSL certificates and technologies.
  • Real employee emails detected passively.

How to use it

  1. 1Enter the domain (example.com) to analyze.
  2. 2Run the passive recon (may take 1–2 min).
  3. 3Explore subdomains, IPs and emails to pivot.

Use cases

  • Attack-surface mapping and pentesting.
  • Organization OSINT investigations.
  • Asset inventory and external exposure.

Frequently asked questions

Why is it slow on some domains?

Passive subdomain discovery with BBOT can take 1–2 minutes on large domains.

Does it find employee emails?

Yes, it detects exposed addresses passively from multiple sources.

Which keys improve it?

It is enriched by IPinfo, Shodan, VirusTotal, FullHunt or Hunter set in Settings.

OSINT UI PRO

Unlock every tool

Go PRO and use all 16 tools without limits.

See plans

Other OSINT tools

OSINT Port Scanner
OSINT Reputation Checker
EXIF Metadata Extractor
See all tools