Discover, scan and monitor any online assets
With Netlas, it takes just a few minutes to build a scope and investigate it
Thousands of IT security experts use Netlas.io as a reliable source of information for their day‑to‑day operations
Netlas has landed on something that’s specifically new and different, especially as a standalone offering, and has a multitude of use cases.
I’m building and running a security program at a startup and I can’t afford a lot of the larger tools/subscriptions that would give me access to the data Netlas offers.
Jeff Geiger
Senior Director of Security at Selfbook
Today I tested @Netlas_io (since I needed a replacement for @securitytrails).
Its worth the money — some of you know I am heavily into automation, data quality is important. When it comes to price/performance ratio — Netlas is currently the way to go.
Damian Strobel
Founder of dsecured.com
Netlas has been highly effective for our threat-hunting efforts. In particular, my team has found the response search invaluable. We use it for locating potential text strings, keywords, or filenames related to malicious domains. Another use case is to identify possible subdomains associated with malicious domains.
Hieu (Hieupc) Ngo
Threat Hunter at NCSC Viet Nam
🙌 @netlas_io A valuable tool and a fantastic product that’s making life easier for pentesters and bug hunters!
🐞🔍 With its advanced reconnaissance and automation features, Netlas is a game-changer for identifying security threats and vulnerabilities.
Begin n Bounty
Practical bug bounty tips channel
Netlas has led me to discover numerous new assets, facilitating successful subdomain takeovers. Additionally, I’ve been using Netlas for identifying vulnerable services using keywords, titles, or favicon hashes, a strategy that has yielded significant success. I’ve found Netlas to be the most cost-effective and reliable option.
Jayesh Madnani
CEO and Hacker in charge @ EIS
I tested Fofa, Hunter, Shodan, but Netlas gives absolutely accurate results. Suppose if I search for swagger-ui then I will get proper results regarding my query and the best thing is, that those urls are working. If I do the exact same thing in other IoT search engines, only 70-80% of their results work, and here I see 95%!
Chirag Artani
Penetration tester, bug bounty hunter
Best-in-Class OSINT Apps
Tools for reconnaissance, non-intrusive security assessment, and security‑related research
Non-intrusive Internet Scanner
Netlas.io scans every IPv4 address and crawls every known website and web application utilizing such protocols as HTTP, FTP, SMTP, POP3, IMAP, SMB/CIFS, SSH, Telnet, SQL and others. Collected data is enriched with additional info and available through Netlas.io Search tools.
Powerful Search Engine
There are five general data collections available right now: internet scan results, DNS registry, IP WHOIS, Domain WHOIS and SSL certificates. You can build search queries with different conditions and operators. Try to search using whois fields, GeoIP data, DNS registry data, protocol fields, technology and product names and even vulnerabilities.
Attack Surface Discovery tool
Start with a single domain or an IP address and build a complete attack surface for your target in a few clicks. Save it, share it, or download it as a list of targets for further scanning. Netlas.io Attack Surface Discovery tool is so easy to use and produces great results!
Reliable Data Provider
Do you want to use Netlas.io data in your own application or database? It’s easy! Full-REST API is available to every registered user. There is another option: download our bulk data. Check out already generated datasets and let us know if you don’t find the data you are looking for. We will prepare a custom dataset especially for you.
Netlas.io Features
Superior scanning technology and powerful search engine
High Level of Data Coupling
Various pieces of information are already linked together to provide an extended context
Data mining is easier with Netlas.io. There are three main sources of information used for scan results enrichment. These are whois databases, DNS records and SSL certificates. Netlas.io provides interfaces for working with these sources directly and for working with already enriched scan results.
Complex Queries
Use wildcards, regexp, fuzzy & proximity searches
Data mining is easier with Netlas.io. There are three main sources of information used for scan results enrichment. These are whois databases, DNS records and SSL certificates. Netlas.io provides interfaces for working with these sources directly and for working with already enriched scan results.
Queries with Protocol Fields
Queries that are more specific lead to results that are more accurate
Netlas.io search engine has advanced support of the most common network protocols. It means that host response fields are available as search query parameters. The mapping (fields available to search) consists of more than 10,000 fields. It’s increasing continuously with each new protocol supported.
Please, take a moment to read through the help section of the application to understand the search capabilities.
Global Security Data
Cybersecurity research goes global with Netlas.io
The passive scan method used by Netlas.io identifies products and technologies from about 3 out of 4 host responses. In about a third of cases, the product version is also recognized. Vulnerabilities are identified based on product versions according to the U.S. Government National Vulnerability Database and updated with each new scan. Netlas.io also provides information about exploits availability.
Netlas.io Integrations
Fetch Netlas.io data from apps you already use
Made for Automation
You can easily integrate Netlas.io in your own app
Full-REST API
The Netlas web app uses an API that is available to any Netlas user. This means that you can call any function in the web app via the API from any third-party application.
DocumentationNetlas SDK & Examples
Check out the Netlas Github repository. There you will find some Netlas usage examples and an SDK for the Python language. SDK implementations for other languages will come later.
Github RepositoryNetlas API in Swagger UI
The Netlas team welcomes the independent development of Netlas-based tools. These could be anything ranging from simple scripts to complex automation. Netlas API is available in the OpenAPI format.
Interract with Netlas APICommand-Line Friendly
Use Netlas.io to orchestrate your needs. Utilize it in your automation scripts for data search and enrichment
The Netlas Python SDK includes a command-line interface. If you have Python installed, just use the Python package installer to setup the SDK. Once you have completed that step, you can interact with Netlas.io using the command-line.
user@host ~ % netlas
Usage: netlas [OPTIONS] COMMAND [ARGS]...
Options:
-h, --help Show this message and exit.
Commands:
count Calculate count of query results.
download Download data.
host Host (ip or domain) information.
indices Get available data indices.
profile Get user profile data.
savekey Save API key to the local system.
search (query) Search query.
stat Get statistics for query.