Attack surface intelligence.
In seconds.

Full perimeter recon in one scan.

PRISM Recon maps the entire external attack surface and renders it on a rotatable global map with dynamic risk scoring in less than 15 seconds. The same intelligence a skilled analyst builds manually across WHOIS records, DNS, threat feeds, banner grabs, and port data over 90 minutes. PRISM Recon achieves this with no APIs while running locally on your machine with no data leaks.

• Cloud infraMixed provider fingerprinting — AWS, Microsoft Azure, Google Cloud, Wix, Automattic, Hetzner, and other major vendors identified automatically
• WAF / ProxyReverse proxy and CDN detection — Cloudflare, WAF presence, DDoS mitigation identified; origin IP exposure confirmed or flagged
• Email securitySPF, DKIM, DMARC posture — gateway identification, soft fail detection, spoofability assessment
• Attack surfaceExposed service detection — publicly accessible services flagged and mapped to MITRE ATT&CK techniques
• TLS healthReal-time expiry warnings with days-remaining countdown and certificate chain parsing
• SubdomainsDev and staging exposure — publicly accessible subdomains discovered and flagged automatically
• Ports & servicesOpen port enumeration with SSH version detection, cleartext protocol identification
• HTTP headersHeader inspection across all open ports — X-Frame-Options, Referrer-Policy, status codes, and server fingerprints
• Threat intelLive threat feed matching — IPs and domains checked against threat intelligence sources; clean or flagged surfaced as a finding
• IntelligenceAnalyst summary, MITRE ATT&CK panel, auto-generated remediation recommendations, dynamic risk score