Enterprise ASN Reconnaissance For Security Professionals

Automatically discover and map entire ASN networks with comprehensive DNS intelligence.

• PTR Record Enumeration: Reverse DNS lookup across all IP ranges with parallel processing (15,000+ IPs/min)
• Domain Extraction: Automatic identification of unique domains from PTR records
• ASN Range Scanning: Scan multiple ASNs simultaneously with WHOIS intelligence from 5 RIRs + 5 NIRs
• Certificate Transparency: Subdomain discovery via CT logs for comprehensive asset inventory
• Smart Filtering: Multiple scan modes (gateway-only, internet-only, strict-valid) for targeted reconnaissance

TCP connect scanning with nmap-style top ports and custom port lists.

• Top Port Coverage: Scan top 100, 200, or 1000 most common ports with intelligent prioritization
• Custom Port Lists: Define specific ports for your environment
• Parallel Scanning: Configurable concurrency for speed vs. stealth balance
• Smart Targeting: Automatically focuses on discovered live hosts or runs comprehensive sweeps
• Service Detection: Identifies services running on open ports
• Authorization Prompts: Built-in ethical scanning safeguards

Deep certificate analysis with expiry tracking and security assessment.

• Certificate Details: CN, SANs, issuer, validity periods, key types/sizes
• Security Analysis: Identifies self-signed, expired, weak keys, deprecated TLS versions
• Chain Analysis: Maps certificate authority hierarchies
• Expiry Monitoring: Calculates days remaining and flags certificates expiring soon
• Certificate Transparency: SCT log verification
• Wildcard Detection: Identifies and tracks wildcard certificates

Automatic version detection with CVE correlation from NVD and Vulners databases.

• Server Version Detection: HTTP header analysis across multiple ports (80, 443, 8080, 8443, custom)
• Multiple CVE Sources: NVD, Vulners API integration with rate limiting
• Severity Filtering: Filter by LOW, MEDIUM, HIGH, CRITICAL
• Intelligent Matching: Product/version correlation with known vulnerabilities
• Real-time Alerting: CRITICAL findings trigger immediate notifications
• Trending Analysis: Track vulnerabilities over time with database mode

Understand network topology with traceroute and ASN attribution for each hop.

• Hop-by-Hop Analysis: Full path tracing with configurable max hops (default 30)
• ASN Attribution: Automatic ASN lookup for every hop using Team Cymru database
• IPv4 & IPv6: Dual-stack support for complete coverage
• RTT Measurements: Round-trip time tracking for latency analysis
• Parallel Tracing: Multiple simultaneous traceroutes for speed
• Topology Mapping: Visualize network architecture and routing paths

Comprehensive security posture assessment with A-F grading system.

• 7 Header Checks: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, X-XSS-Protection, Referrer-Policy, Permissions-Policy
• A-F Grading: 100-point scoring system (A: 90-100, B: 70-89, C: 50-69, D: 30-49, F: 0-29)
• Missing Header Detection: Identifies absent security headers
• Compliance Mapping: Helps meet PCI DSS, SOC 2, ISO 27001 requirements
• Multi-Port Scanning: Check HTTP/HTTPS on standard and non-standard ports
• Bulk Assessment: Grade entire network infrastructure at once

Discover exposed configuration files, credentials, and sensitive information.

• 40+ Exposure Checks: .env, .git/config, wp-config.php, backup files, config.json, credentials, API keys
• Pattern Matching: Scans responses for password, api_key, secret, token patterns
• Banner Grabbing: Service banner analysis for version disclosure
• Severity Classification: CRITICAL for credentials, HIGH for configs, MEDIUM for backups
• No Redaction: Full disclosure approach for complete incident response evidence
• Smart Targeting: Leverages port scan results for efficient checking

Identify cloud infrastructure and shadow IT across your attack surface.

• 8+ Cloud Providers: AWS, Azure, GCP, Cloudflare, DigitalOcean, Linode, OVH, Hetzner
• IP Pattern Recognition: Fast identification via known cloud IP ranges
• Org Lookup: WHOIS-based provider confirmation
• Shadow IT Discovery: Find unauthorized cloud services
• Asset Inventory: Build comprehensive cloud asset database
• Distribution Analysis: Understand cloud provider usage across infrastructure

Built for continuous monitoring with complete automation and integration capabilities.

• Scan Profiles: Quick, Standard, Deep, Stealth, Security - pre-configured workflows
• Config File Support: ~/.asnspyrc for persistent settings
• Quiet Mode: Silent operation for cron jobs and CI/CD pipelines
• JSON Export: Complete structured data export for parsing and analysis
• Diff Mode: Compare scans to detect changes and new findings (LATEST or specific scan ID)
• Database Storage: SQLite, PostgreSQL, MySQL for scan history and trending
• Exit Codes: Proper status codes for pipeline integration