ReconRay Security Tools

Extract comprehensive metadata and basic information from any URL including title, description, headers, and response details.

Analyze HTTP security headers to identify missing or misconfigured security policies like CSP, HSTS, and X-Frame-Options.

Automated testing for SQL injection vulnerabilities using comprehensive payload sets and advanced detection techniques.

Discover subdomains using DNS enumeration, certificate transparency logs, and passive reconnaissance techniques.

Extract DNS records and perform brute-force subdomain discovery with comprehensive wordlists and validation.

Fast TCP and UDP port scanning to identify open services, running applications, and potential attack vectors.

Check for exposed robots.txt, security.txt, and other sensitive files that may reveal system information.

Detect reflected Cross-Site Scripting vulnerabilities using advanced fuzzing techniques and payload variations.

Fingerprint web technologies, frameworks, CMS platforms, and server stack components for reconnaissance.

Extract API endpoints, URLs, and sensitive information from publicly accessible JavaScript files.

Discover hidden directories and files using comprehensive wordlists and intelligent path enumeration.

Identify other domains and websites hosted on the same IP address for expanded attack surface analysis.

Upload custom payload files and fuzz web forms, parameters, and endpoints with your own testing data.

Automatically match detected technologies with known CVEs from the National Vulnerability Database for risk assessment.

Detect Cross-Origin Resource Sharing misconfigurations that could lead to unauthorized data access.