Recon types
Domain Recon
Runs DNS enumeration, HTTP probing, and TLS inspection on domains and subdomains. Discovers new subdomains, checks for DNS misconfigurations, and identifies web technologies.
Network Recon
Performs port scanning and service detection on IP addresses. Identifies open ports, running services, and their versions.
Configuration options
| Option | Description |
|---|---|
| Subdomain fuzzing | Enable or disable brute-force subdomain discovery |
| Port range | Set the start and end ports for network scanning |
| Takeover risk detection | Check for subdomain takeover vulnerabilities (dangling DNS records) |
Task status
Each recon task moves through a lifecycle:- Awaiting — queued, waiting to start
- Pending — about to begin processing
- Processing — actively running
- Completed — finished successfully
- Failed — encountered an error (check the task log for details)
Progress tracking
While a task is processing, you can monitor:- Stage name — the current step (e.g. DNS enumeration, port scanning)
- Percentage — overall progress
- ETA — estimated time remaining
- Item counts — number of assets discovered or scanned so far
Continuous Asset Discovery
Continuous Asset Discovery (CAD) monitors your root domains on an ongoing basis, automatically detecting new subdomains as they appear. This keeps your attack surface up to date without manual intervention.CAD is configured per root domain. Contact us at [email protected] to enable it for your workspace.