```mermaid
classDiagram
    class SecurityAudit {
        +audit_host(host, checks) dict
        +audit_ports(host) list
        +audit_ssl(host, port) dict
        +audit_tls_deep(host, port) dict
        +audit_http_headers(url) dict
        +audit_web_app(host) dict
        +audit_ssh(host, port) dict
        +audit_dns(domain) dict
        +audit_dnssec(host) dict
        +audit_dns_trace(host) dict
        +audit_whois(host) dict
        +audit_mysql_exposure(host, port) dict
        +audit_databases(host) dict
        +audit_email(host) dict
        +audit_infrastructure(host) dict
        +audit_subdomains(host) dict
        +audit_error_disclosure(host) dict
        +audit_host_header(host) dict
        +audit_hsts_preload(host) dict
        +audit_rate_limiting(host) dict
        +audit_api_versions(host) dict
        +audit_clickjacking(host) dict
        +audit_websocket(host) dict
        +audit_os_fingerprint(host) dict
        +audit_tech_detect(host) dict
        +audit_inet_intel(host) dict
        +audit_screenshot(host) dict
        +send_report(host, email, severity) bool
        +scan_scheduled() dict
    }
    SecurityAudit --|> ObjData
    SecurityAudit ..> ObjInet : IP/domain intel
    SecurityAudit ..> ObjTemplate : branded email
    SecurityAudit ..> ObjWebMail : email delivery
    SecurityAudit ..> ObjAI : AI analysis
```
Updated : 2026-03-28
Comprehensive security audit and penetration testing
tool. Performs 26 checks across network, web, DNS,
email, database, and infrastructure categories.
All results auto-persist to DB with AI summaries.
| Check | Method | What |
|---|---|---|
| Port scan | audit_ports() | 22 common ports, SSH/FTP greeting capture |
| OS fingerprint | audit_os_fingerprint() | nmap -O -sV service detection |

| Check | Method | What |
|---|---|---|
| SSL certificate | audit_ssl() | Expiry, chain, SAN, issuer, serial, key size |
| TLS deep | audit_tls_deep() | Cipher strength, forward secrecy, CBC mode |

| Check | Method | What |
|---|---|---|
| HTTP headers | audit_http_headers() | HSTS, CSP, X-Frame, disclosure |
| Web app paths | audit_web_app() | 23 sensitive paths, HTTP methods, CORS, cookies |
| Error disclosure | audit_error_disclosure() | Stack traces, debug mode, SQL errors |
| Host header | audit_host_header() | Header injection, redirect poisoning |
| HSTS preload | audit_hsts_preload() | Preload list status |
| Rate limiting | audit_rate_limiting() | Brute force protection |
| API versions | audit_api_versions() | Old API endpoint discovery |
| Clickjacking | audit_clickjacking() | X-Frame-Options + CSP frame-ancestors |
| WebSocket | audit_websocket() | ws:// vs wss://, origin validation |
| Tech detection | audit_tech_detect() | 50+ frameworks, CMS, CDN, libraries with versions |

| Check | Method | What |
|---|---|---|
| SSH audit | audit_ssh() | Banner, KEX, ciphers, MACs via paramiko |

| Check | Method | What |
|---|---|---|
| DNS records | audit_dns() | SPF, DKIM, DMARC, CAA, zone transfer |
| DNSSEC | audit_dnssec() | RRSIG validation |
| DNS trace | audit_dns_trace() | NS chain, SOA, TTL |
| WHOIS | audit_whois() | Registrar, expiry, nameservers |
| Subdomains | audit_subdomains() | CT logs (multi-source), IP grouping, cache |

| Check | Method | What |
|---|---|---|
| MySQL | audit_mysql_exposure() | Port, version, auth, anonymous login |
| All databases | audit_databases() | PostgreSQL, Redis, MongoDB, Elasticsearch |

| Check | Method | What |
|---|---|---|
| SMTP | audit_email() | Open relay, STARTTLS, submission ports |

| Check | Method | What |
|---|---|---|
| Infrastructure | audit_infrastructure() | WAF, SNMP, IPv6, DNS records |
| IP/Domain intel | audit_inet_intel() | ObjInet geolocation, WHOIS, reverse IP, speed |
| Screenshot | audit_screenshot() | Headless Chromium capture + AI analysis |

Subdomain Discovery
Multi-source fallback with DB cache:
- HackerTarget (10s timeout, fast)
- Certspotter (15s, CT logs)
- crt.sh (30s, CT logs)
- DNS brute force (80 common prefixes)
Results cached in data_subdomain_cache for 7 days.
Subdomains resolved to IPs and grouped.
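
The fallback-and-cache flow described above, as an added example (not code from ObjSecurityAudit). The column layout of data_subdomain_cache, the `fetch(domain, timeout_s)` source interface and the rule that the first source returning in-scope names wins are assumptions; the real sources are replaced by injected callables so the block runs offline.

```python
import socket
import sqlite3
import time
from collections import defaultdict

CACHE_TTL = 7 * 24 * 3600  # 7-day cache lifetime, as stated above

def open_cache(path=":memory:"):
    db = sqlite3.connect(path)
    # Assumed columns: the page names the table but not its schema.
    db.execute("CREATE TABLE IF NOT EXISTS data_subdomain_cache "
               "(domain TEXT PRIMARY KEY, names TEXT, source TEXT, fetched REAL)")
    return db

def discover(db, domain, sources, now=None):
    """Try (name, timeout_s, fetch) sources in order; return (names, origin)."""
    now = time.time() if now is None else now
    row = db.execute("SELECT names, source, fetched FROM data_subdomain_cache "
                     "WHERE domain = ?", (domain,)).fetchone()
    if row and now - row[2] < CACHE_TTL:
        return row[0].split(","), "cache:" + row[1]
    for name, timeout_s, fetch in sources:
        try:
            raw = fetch(domain, timeout_s)
        except OSError:  # includes TimeoutError: fall back to the next source
            continue
        # Normalise, drop wildcard prefixes, keep only names inside the audited domain.
        names = sorted({h.strip().lower().rstrip(".").lstrip("*.") for h in raw})
        names = [h for h in names if h.endswith("." + domain)]
        if names:
            db.execute("INSERT OR REPLACE INTO data_subdomain_cache VALUES (?, ?, ?, ?)",
                       (domain, ",".join(names), name, now))
            db.commit()
            return names, name
    return [], None

def group_by_ip(names, resolve=socket.gethostbyname):
    groups = defaultdict(list)
    for host in names:
        try:
            groups[resolve(host)].append(host)
        except OSError:  # NXDOMAIN and similar resolver failures
            groups["unresolved"].append(host)
    return dict(groups)

if __name__ == "__main__":
    # Constructed stand-in for a CT-log source; nothing here touches the network.
    def ct_log(domain, timeout_s):
        return ["www.example.com", "*.example.com", "x.example.org"]
    print(discover(open_cache(), "example.com", [("certspotter", 15, ct_log)]))
```

The scope filter matters for CT-log sources, which can return wildcard entries and names from unrelated domains on shared certificates.
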
Branded HTML email via ObjTemplate with:
- Scanner header (from YAML config)
- AI executive summary
- Website screenshot (compressed JPEG)
- Severity sections (CRITICAL/HIGH/MEDIUM/LOW/INFO) with per-block AI analysis
- Structured passed check sections:
  - Server & Infrastructure
  - Network Ports
  - Database
  - Web & SSL
  - IP Intelligence
  - Domain & DNS (with 3-column subdomain IP groups)
- Changes since last scan
- Security glossary (auto-extracted relevant terms)
Every audit_host() call automatically:
- Creates data_security_audit rows per finding
- Creates data_security_audit_summary row with severity counts, duration, AI summary
- Caches subdomains in data_subdomain_cache

| Table | Purpose |
|---|---|
| data_security_audit | Individual findings |
| data_security_audit_summary | Per-scan summary + AI |
| data_subdomain_cache | Subdomain DNS cache |
| def_security_audit_hosts | Host configuration |

Scanner info and security glossary stored in
ObjSecurityAudit.yaml under scanner: and
glossary: sections.
```bash
# Scan a single host (all checks)
python ObjSecurityAudit.py scan --host technocore.co.za

# Scan all configured hosts
python ObjSecurityAudit.py scan-all

# Scan with email report
python ObjSecurityAudit.py scan --host example.com \
    --email user@example.com
```
- ObjSecurityLocal.py — local OS hardening checks
- ObjSecurityGlossary.py — security term definitions
- ObjInet.py — IP/domain intelligence
- ObjMonitor.py — orchestrates local + remote security
- ObjHost.py — unified host registry
- ObjOperator.py — unified comparison operators