Domain analyzer is a security analysis tool that automatically discovers and reports information about a given domain. Its main purpose is to analyze domains in an unattended way. It has many crazy features, such as getting more domains from DNS zones, automatic nmap, webcrawler, and world domination mode. Check the features.
If you want nmap to scan more ports and run scripts and to run the crawler on those websites, you need to be root.
See in asciinema at https://asciinema.org/a/466274
Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresses, mails on Google, SPF information, etc. After all the information is stored and organized it scans the ports of every IP found using nmap and perform several other security checks. After the ports are found, it uses the tool crawler.py from @verovaleros, to spider the complete web page of all the web ports found. This tool has the option to download files and find open folders.
The main features are:
@verovaleros developed a separate python web crawler called "crawler.py". Its main features are:
Find 10 random domains in the .gov domain and analyze them fully (including web crawling). If it finds some Zone Transfer, retrieve more domains using them from Robtex!!
domain_analyzer.py -d .gov -k 10 -b
(Very Quick and dirty) Find everything related with .edu.cn domain, store everything in directories. Do not search for active host, do not nmap scan them, do not reverse-dns the netblock, do not search for emails.
domain_analyzer.py -d edu.cn -b -o -g -a -n
Analyze the 386.edu.ru domain fully
domain_analyzer.py -d 386.edu.ru -b -o
(Pen tester mode). Analyze a domain fully. Do not find other domains. Print everything in a pdf file. Store everything on disk. When finished open Zenmap and show me the topology every host found at the same time!
domain_analyzer.py -d amigos.net -o -e
(Quick with web crawl only). Ignore everything with 'google' on it.
domain_analyzer.py -d mil.cn -b -o -g -a -n -v google -x '-O --reason --webxml --traceroute -sS -sV -sC -PN -n -v -p 80,4443'
(Everything) Crawl up to 100 URLs of this site including subdomains. Store output into a file and download every INTERESTING file found to disk.
crawler.py -u www.386.edu.ru -w -s -m 100 -f
(Quick and dirty) Crawl the site very quick. Do not download files. Store the output to a file.
crawler.py -u www.386.edu.ru -w -m 20
(If you want to analyze metadata later with lafoca). Verbose prints which extensions are being downloaded. Download only the set of archives corresponding to Documents (.doc, .docx, .ppt, .xls, .odt. etc.)
crawler.py -u ieeeexplore.ieee.org/otherfiles/ -d -v
Most of these features can be deactivated.
Domain analyzer has now a docker image for the main version, on Python 3, with all dependencies already installed:
docker run --rm -ti verovaleros/domain_analyzer:latest /domain_analyzer/domain_analyzer.py -d <domain>
We have created a docker image that can be used to run domain analyzer on Python 2.7, and has all the dependencies already installed.
docker run --rm -it verovaleros/domain_analyzer:python2.7 /domain_analyzer/domain_analyzer.py -d <domain>

Domain analyzer was born on Feb 4th, 2011. You can check the original repository in source forge here
If you have any question, please send us an email! They are in the python files.
git clone https://github.com/eldraco/domain_analyzer.git
pip install -r requirements.txt
$ claude mcp add domain_analyzer \
-- python -m otcore.mcp_server <graph>