Security & Detection Methodology
A comprehensive overview of the auditing algorithms, telemetry feeds, and scanning methodologies used across the ReconShield platform.
1. Non-Intrusive Auditing (OSINT)
All tools hosted on ReconShield (including the Subdomain Finder, SSL Checker, and Port Scanner) operate strictly within passive and non-intrusive scanning frameworks. We utilize Open-Source Intelligence (OSINT), query public Certificate Transparency (CT) logs, and leverage historical DNS resolution records to compile host maps. No exploitation payloads or intrusive brute-forcing techniques are ever deployed against target domains.
2. SSL/TLS Cryptographic Scoring
Our SSL scoring algorithm evaluates transport security configurations according to modern industry standards (RFC 8446). Scores are computed using five key variables:
- TLS Protocol Version: Mandates TLS 1.2 or TLS 1.3. Falling back to TLS 1.0 or TLS 1.1 triggers immediate grade limits.
- Cipher Strength: Prefers Authenticated Encryption with Associated Data (AEAD) ciphers (e.g. AES-GCM, ChaCha20-Poly1305).
- Chain Completeness: Verifies that web servers transmit all required intermediate CA certificates to establish browser trust.
- HSTS Implementation: Assesses Strict-Transport-Security configurations, requiring a minimum max-age of 1 year.
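An added example (not ReconShield's own code) of how the protocol, cipher, and HSTS checks listed above could be evaluated from one observed connection. The function names, finding labels, and substring-based AEAD match are assumptions; chain completeness is left out because it needs a live certificate chain.

```python
import re

ONE_YEAR = 31_536_000                      # seconds; the 1-year HSTS minimum stated above
MODERN_PROTOCOLS = {"TLSv1.2", "TLSv1.3"}  # names as returned by ssl.SSLSocket.version()
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")  # assumption: substring match on the suite name


def parse_hsts_max_age(header):
    """Return max-age in seconds, or None if the header is missing it or malformed."""
    seen = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        name = name.strip().lower()        # directive names are case-insensitive
        if not name:
            continue                       # tolerate empty segments (trailing ';')
        if name in seen:
            return None                    # each directive may appear only once (RFC 6797)
        seen[name] = value.strip().strip('"')  # value may be a quoted-string
    value = seen.get("max-age", "")
    return int(value) if re.fullmatch(r"[0-9]+", value) else None


def audit_transport(protocol, cipher, hsts_header):
    """Return a list of finding labels (hypothetical names) for one observed connection."""
    findings = []
    if protocol not in MODERN_PROTOCOLS:
        findings.append("legacy-protocol")
    if not any(marker in cipher.upper() for marker in AEAD_MARKERS):
        findings.append("non-aead-cipher")
    max_age = parse_hsts_max_age(hsts_header) if hsts_header else None
    if max_age is None:
        findings.append("hsts-missing-or-invalid")
    elif max_age < ONE_YEAR:
        findings.append("hsts-max-age-too-short")
    return findings


# Constructed observations: (protocol, cipher suite, Strict-Transport-Security value)
SAMPLES = [
    ("TLSv1.3", "TLS_AES_256_GCM_SHA384", "max-age=63072000; includeSubDomains; preload"),
    ("TLSv1.2", "ECDHE-RSA-AES256-SHA384", 'Max-Age="31536000";'),
    ("TLSv1", "AES128-SHA", "max-age=300"),
    ("TLSv1.2", "ECDHE-RSA-CHACHA20-POLY1305", "max-age=1; max-age=31536000"),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample[0], sample[1], "->", audit_transport(*sample) or "no findings")
```

The protocol and cipher strings match what Python's `ssl.SSLSocket.version()` and `ssl.SSLSocket.cipher()` report, so the same function can be fed from a real handshake against hosts you administer.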
3. Port Exposure Assessments
Our Port Scanner analyzes TCP socket responses to identify listening services. We classify exposure risks based on service type. For example:
| Port(s) | Default Service | Risk Assessment |
|---|---|---|
| 80, 443 | HTTP, HTTPS | Low Risk (Standard Public Services) |
| 22 | SSH | Medium Risk (Requires MFA/VPN restriction) |
| 3306, 5432 | MySQL, PostgreSQL | High Risk (Database ports must be hidden) |
| 21, 23 | FTP, Telnet | Critical Risk (Unencrypted legacy protocols) |
4. Tool Limitations
Because our scanners do not actively engage target servers with invasive exploits, certain access layers (such as internal firewalls, split-horizon DNS, and backend microservice routers) may hide listening ports or active subdomains from our discovery pipeline. Administrators should always run internal configuration audits alongside public ReconShield assessments.