A comprehensive tool to trace the true origin of websites and uncover potential security threats.
Deep Domain Analyzer is an advanced web application designed to help users identify the true origin of websites, particularly those utilizing Content Delivery Networks (CDNs) like Cloudflare. With cyber threats becoming increasingly sophisticated, this tool provides a robust solution for analyzing domain information and revealing hidden details about potentially suspicious sites.
- Malicious Website Detection: Analyzes DNS records, network behavior, and website patterns to classify potential threats and malicious activities.
- DNS Resolution: Resolves domain names to IP addresses to identify the hosting infrastructure and location of websites.
- VirusTotal Integration: Leverages the VirusTotal API to cross-check domains against known malicious threat databases, ensuring a more comprehensive security analysis.
- Geolocation & Metadata Retrieval: Uses IPinfo to extract detailed geolocation data, ASN, and ISP information, providing crucial context about the domain's hosting environment.
- Subdomain Discovery (Sublist3r): Discovers associated subdomains, revealing additional entry points, expanding the scope of the investigation, and detecting likely origin servers.
- IP Range Comparison: Cross-references the IPs of discovered subdomains against known CDN ranges (Cloudflare, AWS, Azure) to help pinpoint potential origin servers behind the CDN layer.
- WHOIS & Certificate Analysis: Retrieves domain registration data and examines SSL/TLS certificates for further verification, adding another layer of transparency to the investigative process.
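The IP Range Comparison step above, sketched as an added example (not code from this project) for auditing hostnames of a domain you operate. The function names, the sample CIDR ranges and the sample DNS results are constructed assumptions; in practice the ranges would be loaded from each provider's published list.

```python
import ipaddress

# Constructed sample data: documentation address space (RFC 5737 / RFC 3849)
# stands in for the CDN providers' published range lists.
CDN_RANGES = {
    "cloudflare": ["198.51.100.0/24", "2001:db8:1::/48"],
    "aws": ["203.0.113.0/24"],
    "azure": ["203.0.113.128/25"],  # overlaps the "aws" sample to show longest-prefix match
}

# Constructed DNS results for hostnames of a domain you operate.
RESOLVED = {
    "www.example.com": ["198.51.100.10"],
    "api.example.com": ["203.0.113.200"],
    "v6.example.com": ["2001:db8:1::5"],
    "dev.example.com": ["192.0.2.44"],
    "mail.example.com": ["198.51.100.7", "192.0.2.45", "not-an-ip"],
}

def build_index(ranges):
    """Parse each CIDR once; most specific prefixes first so overlaps resolve correctly."""
    nets = [(ipaddress.ip_network(c), p) for p, cidrs in ranges.items() for c in cidrs]
    return sorted(nets, key=lambda n: n[0].prefixlen, reverse=True)

def classify_ip(ip, index):
    """Return the provider name, 'non-cdn', or 'invalid' for one address string."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return "invalid"
    for net, provider in index:
        if addr in net:  # False when IP versions differ, so v4/v6 can share one index
            return provider
    return "non-cdn"

def audit(resolved, ranges):
    """Map hostname -> {ip: label}, plus the hostnames with an address outside every range."""
    index = build_index(ranges)
    report = {h: {ip: classify_ip(ip, index) for ip in ips} for h, ips in resolved.items()}
    exposed = sorted(h for h, ips in report.items() if "non-cdn" in ips.values())
    return report, exposed

if __name__ == "__main__":
    report, exposed = audit(RESOLVED, CDN_RANGES)
    for host, ips in report.items():
        print(host, ips)
    print("hosts resolving outside the listed CDN ranges:", exposed)
```

A hostname listed as exposed resolves to at least one address that none of the loaded ranges cover, which is the signal to review whether that record should sit behind the CDN.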
– Backend processing and API integrations
– Frontend interactivity and API calls
– UI design and styling
– UI design and styling
Before installing and running the program, ensure you have the following:
- Python 3.10.0 installed on your machine. You can download it from python.org.
- Git installed to clone the repository. If you don't have it, download it from git-scm.com.
- Operating System: Windows or Linux.
- Clone the Repository:
  Start by cloning the project repository to your local machine. The --recursive flag ensures that if the repository contains any submodules (like Sublist3r), they will be cloned as well. Open your terminal or command prompt and run the following commands:
  git clone --recursive https://github.com/niyatipatel2005/Exaclibur_Hackathon_2025
  cd Exaclibur_Hackathon_2025
- Install the Requirements:
  The project has a requirements.txt file that lists all the necessary dependencies. To install them, run:
  pip install -r requirements.txt
  This will install all the required Python libraries.
- Running the Application:
  Once you have cloned the repository and installed the requirements, you can start the application. In the project directory, run the following command:
  python app.py
- Accessing the Application:
  After running app.py, the app will start a local server. Open your web browser and go to:
  http://127.0.0.1:5000
- Entering the Domain:
  On the homepage, you will be prompted to enter a domain name. Please do not include http:// or https://. For example, you should enter:
  example.com
  After entering the domain, press Submit.
- View Results:
  The app will process the request and display the result. If there is a technical issue and the result shows up empty, you can restart the process by entering the domain again and submitting.
- Niyati Patel
- Suhani Patel
- Nishant Kumar
This project is licensed under the [NAME HERE] License - see the LICENSE.md file for details