A simple tool to scan a domain and aliases to report common risks and issues.

What is This?

Hosted on Streamlit

A simple python application which: given a domain and domain aliases, scans the domains for common risks and issues:

• is the HTTPS certificate about to expire?
• is the Domain about to expire?
• do all the schemes and www subdomain redirect correctly?

A simple tool for scanning domains to find common problems.

Scheme and Subdomain Redirects

Ideally we would have a single canonical scheme and subdomain pattern for each domain.

e.g. rather than http://mydomain.com, https://mydomain.com, https://www.mydomain.com, http://www.mydomain.com they would all redirect with a 301 redirect to either https://mydomain.com or https://www.mydomain.com

Sometimes this goes wrong:

• we put in temporary redirects,
• redirects loop back on themselves,
• we redirect https correcty but forget about http
• etc.

The tool performs a variety of checks for different combinations and shows the resulting redirect path.

Local Execution

The code is open source and can be found on github.

• Check Python is installed
• in the src folder for the repo code -pip3 install -r requirements.txt

The command below will run the streamlit GUI version:

• streamlit run doStreamlitTechnicalDomainAudit.py

A command line version exists which can be run with a config file. The config file is a JSON file:

{
    "projectName" : 'talotics',
    "sitemapUrls" : [],
    "portfolioSiteUrls" : ['talotics.com'],
    "siteAliases" : {'talotics.com':['digitalonlinetactics.com']}
}

The command line version can be run as:

python3 doTechnicalDomainAudit.py -config=configfile.json

Or the domain can be set from the command line:

python3 doTechnicalDomainAudit.py -domain=talotics.com

The config file has additional configuration to support future functionality.