Discover, scan and monitor any online assets

With Netlas, it takes just a few minutes to build a scope and investigate it

Try it! Learn more

Thousands of IT security experts use Netlas.io as a reliable source of information for their day‑to‑day operations

🙌 @netlas_io A valuable tool and a fantastic product that’s making life easier for pentesters and bug hunters!

🐞🔍 With its advanced reconnaissance and automation features, Netlas is a game-changer for identifying security threats and vulnerabilities.

Begin n Bounty

Practical bug bounty tips channel

Today I tested @Netlas_io (since I needed a replacement for @securitytrails).

Its worth the money — some of you know I am heavily into automation, data quality is important. When it comes to price/performance ratio — Netlas is currently the way to go.

Damian Strobel

Founder of dsecured.com

By aiding in the hunt for new cyber threats, they’re not just providing a service, but fostering a community-driven approach to cybersecurity.

Such partnerships amplify the importance of collective vigilance and shared knowledge in combating evolving digital threats.

Hieu Ngo (Hieupc)

Threat hunter at NCSC Viet Nam

Here is the best alternative to #shodan or #censys: @Netlas_io I got to know about it yesterday and it’s really awesome.

N$🍥

Bug hunter, ethical hacker

I recently started using @Netlas_io I’m really enjoying the tool, it’s fast, and it brings fascinating things!

👑 OFJAAAH 👑

Bug hunter, ethical hacker

I’m loving Netlas.io!

So much great tools for pentesting.

Chiagoziem Mba-Oji

Security vulnerability researcher

Best-in-Class OSINT Apps

Tools for reconnaissance, non-intrusive security assessment, and security‑related research

Non-intrusive Internet Scanner

Netlas.io scans every IPv4 address and crawls every known website and web application utilizing such protocols as HTTP, FTP, SMTP, POP3, IMAP, SMB/CIFS, SSH, Telnet, SQL and others. Collected data is enriched with additional info and available through Netlas.io Search tools.

Powerful Search Engine

There are five general data collections available right now: internet scan results, DNS registry, IP WHOIS, Domain WHOIS and SSL certificates. You can build search queries with different conditions and operators. Try to search using whois fields, GeoIP data, DNS registry data, protocol fields, technology and product names and even vulnerabilities.

Attack Surface Discovery tool

Start with a single domain or an IP address and build a complete attack surface for your target in a few clicks. Save it, share it, or download it as a list of targets for further scanning. Netlas.io Attack Surface Discovery tool is so easy to use and produces great results!

Reliable Data Provider

Do you want to use Netlas.io data in your own application or database? It’s easy! Full-REST API is available to every registered user. There is another option: download our bulk data. Check out already generated datasets and let us know if you don’t find the data you are looking for. We will prepare a custom dataset especially for you.

Datastore →

Netlas.io Features

Superior scanning technology and powerful search engine

2,469,076,038

Domain names

645,812,959

Host responses

3,745,451,234

SSL certificates

Search any section of a host response

Search across server headers, banners or the entire body of a web page. Use regular expressions. Detect almost any product or technology using the Netlas.io search engine.

GeoIP, Favicon, Technology or JARM fingerprint

Search and filter results using metadata such as a whois ORG field, emails, network names (ASN), hosting providers, a favicon hash and so on.

DNS Records, IP & Domain WHOIS, SSL Certs

In addition to its core Response search feature, Netlas.io provides additional DNS search and certificate search interfaces.

Handling of redirects

Unlike most competitors, Netlas.io scanners follow up to 5 HTTP redirects. Yes, we follow the white rabbit.

Vulnerabilities and PoCs

Netlas.io flags possibly vulnerable services and provides links to external tools that allow you to perform an active vulnerability assessment test.

API & Python SDK

Use Netlas.io on the web or through a CLI. Use the SDK to create automation scripts or to perform integrations with other products.

High Level of Data Coupling

Various pieces of information are already linked together to provide an extended context

Data mining is easier with Netlas.io. There are three main sources of information used for scan results enrichment. These are whois databases, DNS records and SSL certificates. Netlas.io provides interfaces for working with these sources directly and for working with already enriched scan results.

Netlas Responses search document example

Complex Queries

Use wildcards, regexp, fuzzy & proximity searches

Queries with Protocol Fields

Queries that are more specific lead to results that are more accurate

Netlas.io search engine has advanced support of the most common network protocols. It means that host response fields are available as search query parameters. The mapping (fields available to search) consists of more than 10,000 fields. It’s increasing continuously with each new protocol supported.

Please, take a moment to read through the help section of the application to understand the search capabilities.

Using protocol fields with Netlas Responses search

Global Security Data

Cybersecurity research goes global with Netlas.io

The passive scan method used by Netlas.io identifies products and technologies from about 3 out of 4 host responses. In about a third of cases, the product version is also recognized. Vulnerabilities are identified based on product versions according to the U.S. Government National Vulnerability Database and updated with each new scan. Netlas.io also provides information about exploits availability.

Vulnerable devices distribution on the world map

Netlas.io Integrations

Fetch Netlas.io data from apps you already use

Check geolocation, whois data, exposed ports, software and vulnerabilities while browsing web sites.

Check geolocation, whois data, exposed ports, software and vulnerabilities while browsing web sites.

Netlas Responses, DNS, Whois, SSL Certs and other transforms are available in Maltego.

Subdomain search in the Netlas DNS data collection is available with OWASP Amass.

Subdomain search in the Netlas DNS data collection is available with Subfinder by ProjectDiscovery.io

Netlas product (tag) search is available through Uncover by ProjectDiscovery.io.

Subdomain search in the Netlas DNS data collection is available with reNgine.

Netlas API is fully available on the Tines automation platform.

Made for Automation

You can easily integrate Netlas.io in your own app

Full-REST API

The Netlas web app uses an API that is available to any Netlas user. This means that you can call any function in the web app via the API from any third-party application.

Documentation

Netlas SDK & Examples

Check out the Netlas Github repository. There you will find some Netlas usage examples and an SDK for the Python language. SDK implementations for other languages will come later.

Github Repository

Netlas API in Swagger UI

The Netlas team welcomes the independent development of Netlas-based tools. These could be anything ranging from simple scripts to complex automation. Netlas API is available in the OpenAPI format.

Interract with Netlas API

Command-Line Friendly

Use Netlas.io to orchestrate your needs. Utilize it in your automation scripts for data search and enrichment

The Netlas Python SDK includes a command-line interface. If you have Python installed, just use the Python package installer to setup the SDK. Once you have completed that step, you can interact with Netlas.io using the command-line.

Documentation

user@host ~ % netlas
Usage: netlas [OPTIONS] COMMAND [ARGS]...

Options:
-h, --help Show this message and exit.

Commands:

count Calculate count of query results.

download Download data.

host Host (ip or domain) information.

indices Get available data indices.

profile Get user profile data.

savekey Save API key to the local system.

search (query) Search query.

stat Get statistics for query.