CONTINUOUS ATTACK SURFACE INTELLIGENCE

Discover what the internet knows about your business.

Every company leaves a trail online β€” subdomains, servers, software versions, open ports. We map all of it, watch it around the clock, and tell you the moment something changes.

Free report. No signup. Used by IT teams, security consultants, and CISOs.

WHO IT'S FOR

Built for everyone who needs to know their exposure.

Whether you own security as one of many hats, run recon for a living, or manage a formal security program across dozens of brands β€” NullBlocks gives you the external picture that flat scanners and annual audits can't.

🏒

IT directors and accidental CISOs

No red team. No ASM vendor budget. We give you an instant, plain-English picture of what you're exposing before an attacker finds it β€” and set up continuous monitoring without building any infrastructure.

Run a free report →
πŸ”¬

Security consultants and pentesters

Skip the multi-tool passive recon pipeline. DomRecon handles subdomain enumeration, tech fingerprinting, and version-matched CVE correlation in one request β€” for any scope, in seconds.

Read the research →
πŸ›οΈ

CISOs managing complex footprints

M&A activity, marketing microsites, shadow IT β€” we map your full external attack surface across all brands and subsidiaries, with change history and CVE coverage your auditors expect.

Explore the graph →
Free for everyone

The DomRecon Report

Type in any domain and get an instant snapshot of its attack surface: a clear risk grade, version-matched CVEs, the full technology stack, and a live list of subdomains. It's the same data attackers gather about you β€” except you get it first, for free.

  • Plain-English risk grade, A through F
  • Known CVEs matched to detected software versions
  • Technology stack and live subdomain inventory
Run a free report →
DomRecon attack surface report
Graph Explorer Β· Subscription

When one report isn't enough.

The free report is a single frame. Graph Explorer is the whole movie β€” every domain you own, mapped as a living graph, monitored continuously, with alerts when anything moves. Built for teams who need to stay ahead, not catch up.

πŸ•ΈοΈ

Interactive footprint graph

See how every subdomain, host, IP, and technology connects β€” and spot the relationships a flat report can never show you.

🏒

M&A and subsidiary mapping

Map an acquired company's full public footprint before integration begins. Track entire corporate families in one view β€” including domains you didn't know you owned.

πŸ“‹

Audit-ready change history

Continuous rescans with a timestamped change log. Answer "what was on our attack surface last quarter?" for your board, auditors, or incident response team β€” in seconds.

πŸ’Ό

Multi-client portfolio

One subscription, multiple domains. Security consultants use Graph Explorer to monitor every client engagement in one place β€” without repeating passive recon from scratch.

STAY AHEAD

Put your domain on our watchlist.

Tell us where to look and we'll keep an eye on your public footprint. You'll get your first report, plus a heads-up when something changes and early access to Graph Explorer pricing. No spam, no sales theatre β€” just useful signal.

Real humans read every reply. We typically respond within a day.