Python App #08

Domain Intel

Domain Intel performs comprehensive domain research by combining WHOIS lookups with RDAP fallback for maximum coverage. Discover registrar details, nameservers, creation and expiration dates, registrant information (when available), and domain status codes. Optionally integrate with VirusTotal (API key) for reputation scoring and malware detection. The tool also generates direct links to additional domain intelligence services.

whoisrdapvirustotalregistrar

Last updated:

Features

  • WHOIS lookup with parsed results
  • RDAP fallback for additional data
  • Registrar identification
  • Nameserver discovery
  • Domain creation/expiration dates
  • Registrant info (when public)
  • Domain status codes
  • Optional VirusTotal API integration
  • Reputation and malware scoring
  • HTML session export

Quick Start

# 1. Extract the zip and enter the folder
cd 08-Domain-Intel

# 2. Install dependencies
python install_requirements.py

# 3. Launch the tool
python domain_intel.py

Download

Tool: Domain Intel
File: 08-Domain-Intel.zip
Python: 3.8+
OS: Windows, macOS, Linux
Dependencies: customtkinter, requests, python-whois

Downloads are free — clicking the link below opens a short ad that helps support Max Intel. Thank you! Wait 15 seconds after clicking to unlock.

Click here for an ad
15
seconds remaining…
✓ Unlocked — thank you!
← All Python OSINT Apps

What Does Domain Intelligence Include?

Domain reconnaissance is the first phase of any security assessment per NIST SP 800-115 and the OWASP Testing Guide v4.2. This tool performs WHOIS lookups (RFC 3912), RDAP queries (RFC 7482), and DNS analysis to reveal domain ownership, registration history, nameservers, and hosting infrastructure. As of 2025, ICANN manages over 370 million registered domain names globally.

WHOIS Privacy and RDAP Transition

Since GDPR implementation in 2018, many WHOIS records redact registrant details. The newer RDAP protocol provides structured JSON responses with standardized access controls. This tool automatically falls back to RDAP when WHOIS data is redacted, maximizing intelligence recovered. Historical WHOIS records can reveal ownership changes and patterns useful for attribution.

Security Assessment Applications

According to the Verizon 2024 DBIR, 15% of breaches involved exploitation of public-facing applications, making domain reconnaissance essential. This tool reveals DNS configuration, mail servers, SSL certificates, and technology stack — the foundational data for vulnerability assessment, phishing investigation, and brand monitoring.

🔒 Domain Intel — Frequently Asked Questions

What information does the domain OSINT tool reveal?

The tool performs WHOIS lookups, DNS record enumeration, SSL certificate inspection, subdomain discovery, and checks against threat intelligence feeds to build a comprehensive profile of any domain.

Does the domain investigation tool require installation?

No. The tool runs entirely in your browser using client-side Python via Pyodide. No installation, API keys, or server-side processing required. Your queries are executed locally for maximum privacy.

What can I do with the domain investigation tool?

You can WHOIS lookups, DNS records, certificate history, and technology detection. The tool provides a clean interface with exportable results and cross-links to related Max Intel tools for deeper investigation.

Subdomain Scanner

Discover subdomains via certificate logs.

SSL/TLS Analyzer

Certificate chain analysis.

IP Lookup

IP geolocation and threat intel.

Domain Recon

Advanced domain reconnaissance.