Nighthawk Search

The Nighthawk Search module serves as a centralized intelligence engine that enables security analysts, IT teams, and executives to conduct deep reconnaissance across organizational assets. It provides full visibility into domains, subdomains, exposed infrastructure, and potential threat exposures in real time.

This feature bridges the gap between attack surface discovery and threat intelligence correlation, allowing teams to proactively identify risks before they escalate into incidents.

Purpose and Functionality

Nighthawk Search is designed to help organizations understand their external digital footprint. By entering a domain or subdomain into the search interface, users can instantly retrieve detailed intelligence regarding hosting, DNS records, open ports, SSL certificates, cloud usage, and associated IPs.

Each query generates a comprehensive asset intelligence report, empowering users to:

  • Evaluate exposure levels of domains and subdomains.

  • Identify vulnerable endpoints and outdated services.

  • Correlate discovered assets with known threat indicators and reputation data.

  • Monitor organizational changes, ownership details, and certificate validity.

Search Modes

Users can select between two primary search modes:

  • Domain Search: Performs a complete scan of a registered domain to reveal associated infrastructure, technology stack, IP ranges, ports, and SSL configurations.

  • Subdomain Search: Focuses on granular intelligence for individual subdomains, allowing for deeper analysis of distributed environments and third-party integrations.

Key Insights Provided

The generated reports offer multi-layered intelligence that includes:

  • Security Rating Gauge: Displays the calculated security posture (e.g., 71%) based on exposed vulnerabilities and missing security headers.

  • Threat Exposure Index: Quantifies the number of identified risks and weaknesses tied to the scanned asset.

  • Global Footprint Mapping: Visualizes where servers and services are geographically distributed.

  • Certificates & WAF Detection: Displays SSL certificate status (valid/expired) and identifies any deployed Web Application Firewalls (e.g., Cloudflare, AWS).

  • Open Ports & Technologies: Lists all detected ports and backend technologies powering the asset (e.g., Cloudflare, Vercel, Nginx).

  • Email Exposure Indicators: Highlights SPF and DMARC configurations to assess email spoofing resistance.

  • Exposed Subdomains & IPs: Enumerates associated infrastructure elements that could widen the attack surface.
