All workK M Fazle Rabbi
Security · OSINT · Open Source2026Live

Web Intel

Fast, read-only OSINT dashboard for analyzing any domain, similar in spirit to web-check style tooling, with a focused UI and no API keys required for core checks.

Role:Solo developer · full-stackTimeline:4 weeks
Live siteGitHub
Web Intel, product screenshot
17+
External research deep-links
0
API keys for core checks
MIT
Open-source license
01Problem

What needed solving.

Developers, security reviewers, and compliance-minded teams often need a quick read on what is already public about a domain before deeper assessment. Jumping between DNS lookups, certificate viewers, header scanners, and third-party intel tools is slow, fragmented, and easy to skip during triage.
02Approach

How I built it.

Web Intel gives developers and security-minded users a fast, read-only snapshot of what is publicly visible about a domain. The app runs parallel OSINT checks for DNS, SSL, headers, geolocation, archive history, crawl rules, and related signals, then surfaces an advisory panel for security issues and warnings. External tool deep-links pre-fill the analyzed domain for follow-up in VirusTotal, Shodan, SSL Labs, and similar services. The project is open source under MIT with CI and deployment guides for Vercel and Cloudflare.

Key engineering decisions
  • 01Built as a full-stack TanStack Start app with SSR, server functions, and file-based routing so checks run server-side while keeping the UI responsive and shareable.
  • 02Parallelized independent OSINT lookups to reduce total report latency instead of running checks sequentially.
  • 03Kept core checks free of third-party API keys so the tool stays usable out of the box, while deep-links hand off to specialized external services when deeper analysis is needed.
03Features

What it does.

Parallel OSINT checks

Runs DNS, SSL, security headers, geolocation, archive, crawl rules, and related public-signal checks in parallel and returns a structured report in one view.

Advisory security panel

Highlights missing headers, certificate issues, and other warnings in a focused advisory panel so reviewers can triage risk quickly.

External research deep-links

Pre-fills analyzed domains into VirusTotal, Shodan, SSL Labs, and other external tools for deeper follow-up without retyping the target.

Full feature list (6 more)
  • 01DNSSEC, SPF, DMARC, and email-related checks
  • 02Social meta tags and linked page discovery
  • 03Wayback archive and carbon estimate signals
  • 04WAF hints and RDAP domain WHOIS lookups
  • 05Deployment guides for Vercel and Cloudflare Workers
  • 06GitHub Actions CI for linting and build verification
04Results

What it shipped.

Shipped as a live open-source app with a focused dark UI and fast domain analysis flow. The project demonstrates how to combine SSR, server-side recon logic, and practical security UX in a tool that is useful for developers, reviewers, and risk-minded teams doing first-pass domain triage.

Live
Public deployment
MIT
Open-source release
05Stack

Built with.

ReactTypeScriptTanStackTailwindVercelCloudflare
06Live & links

See it live.

Live siteGitHub
07Next case study
km-pyapi

FastAPI-inspired REST framework, published to PyPI, built to understand framework internals from the ground up.