Fast, modular attack surface discovery — subdomains, ports, tech stack, secrets, hidden endpoints, cloud assets — part of the security research ecosystem
Scan checkpoint and resume for gossan — persists stage results to SQLite — part of the security research ecosystem
Cloud asset discovery scanner for gossan (S3, GCS, Azure Blob, DigitalOcean Spaces) — part of the security research ecosystem
Core types, traits, and shared networking utilities for the gossan attack-surface scanner — part of the security research ecosystem
Cross-module finding correlation engine for gossan (attack chain detection) — part of the security research ecosystem
Authenticated web crawler — form extraction, parameter discovery, link following — part of the security research ecosystem
DNS security scanner — SPF/DMARC/DKIM email auth, zone transfer (AXFR), subdomain takeover, CAA/NS posture — part of the security research ecosystem
Distributed fleet orchestration for Gossan
Graph persistence for Gossan — stores targets and findings in a local SQLite database
Headless Chromium browser engine for executing JavaScript and trapping dynamic XHRs in gossan — part of the security research ecosystem
Hidden endpoint and misconfiguration scanner for gossan (CORS, SSRF, JWT, Swagger, cache deception) — part of the security research ecosystem
Horizontal discovery engine for gossan (ASN pivoting, BGP prefix mapping, WHOIS correlation)