Some crazy features that could be there:
- Domain as a parameter
- DNS query
- HTTP query
- HTTPS query
- Store http headers
- Store http status
- Grab robots.txt
- Grab sitemap.xml
- Query to securityheaders.io
- TLS checks (https://www.ssllabs.com/projects/ssllabs-apis/)
- Haveibeenpwned domain check (https://haveibeenpwned.com/API/v2)
Usage:
- Test out from the command line
- Spread out to serverless infrastructure and create API
- persist data to somewhere
Trigger:
- API to trigger specific domain
- Feeder from new domain registrations
- Figure out as many .fi domains as you can http://avoindata.prh.fi/ytj.html
Bonus stage:
- What else is running on the same machine
- CEF (Embedded chrome) to actual see what javascript does