Quick Start¶
After installing Nadzoring (see Installation), you can start using it immediately. This page covers the most common workflows with practical examples.
Basic Structure¶
Nadzoring uses a three-level command hierarchy:
nadzoring <group> <command> [OPTIONS] [ARGUMENTS]
The four command groups are dns, network-base, security, and arp.
Global Options¶
Every command supports these flags:
Option |
Short |
Description |
Default |
|---|---|---|---|
|
Show debug logs and execution timing |
|
|
|
Suppress all output except results |
|
|
|
Disable colored output |
|
|
|
|
Output format: |
|
|
Save results to a file |
None |
1. Check Your Network Configuration¶
Get a full summary of your local network interface:
nadzoring network-base params
Output includes interface name, IPv4/IPv6 addresses, gateway IP, MAC address, and public IP address.
To export as JSON for scripting:
nadzoring network-base params -o json --save net_params.json
2. Resolve a Hostname to IP¶
Translate a hostname to its IPv4 address:
nadzoring network-base host-to-ip example.com
Look up specific DNS record types:
# A record (IPv4)
nadzoring dns resolve example.com
# All record types at once
nadzoring dns resolve -t ALL example.com
# MX and TXT records
nadzoring dns resolve -t MX -t TXT gmail.com
# Show TTL values
nadzoring dns resolve --show-ttl -t A github.com
# Use a specific nameserver
nadzoring dns resolve -n 8.8.8.8 example.com
Python API:
from nadzoring.dns_lookup.utils import resolve_with_timer
result = resolve_with_timer("example.com", "A")
if not result["error"]:
print(result["records"]) # ['93.184.216.34']
print(result["response_time"]) # e.g. 42.5 ms
3. Comprehensive Domain Information¶
Retrieve WHOIS registration data, DNS records, IP geolocation, and reverse DNS for a domain in a single command:
nadzoring network-base domain-info example.com
# Multiple domains, save as JSON
nadzoring network-base domain-info -o json --save domain_info.json \
google.com github.com cloudflare.com
Python API:
from nadzoring.network_base.domain_info import get_domain_info
info = get_domain_info("example.com")
print(info["whois"]["registrar"])
print(info["dns"]["ipv4"]) # '93.184.216.34'
print(info["dns"]["records"]["MX"]) # list of MX records
print(info["geolocation"]["country"])
print(info["reverse_dns"]) # hostname or None
4. Reverse DNS Lookup¶
Find the hostname associated with an IP address (PTR record):
# Single IP
nadzoring dns reverse 8.8.8.8
# Multiple IPs at once
nadzoring dns reverse 1.1.1.1 8.8.8.8 9.9.9.9
# Use a custom nameserver
nadzoring dns reverse -n 208.67.222.222 8.8.4.4
# Save results as JSON
nadzoring dns reverse -o json --save reverse.json 8.8.8.8
Python API:
from nadzoring.dns_lookup.reverse import reverse_dns
result = reverse_dns("8.8.8.8")
print(result["hostname"]) # 'dns.google'
print(result["response_time"]) # e.g. 18.34 ms
# IPv6 also supported
result = reverse_dns("2001:4860:4860::8888")
print(result["hostname"]) # 'dns.google'
# Handle errors
result = reverse_dns("192.168.1.1")
if result["error"]:
print(result["error"]) # 'No PTR record'
5. Ping a Host¶
Check basic network reachability:
# Single host
nadzoring network-base ping google.com
# Multiple hosts at once
nadzoring network-base ping 8.8.8.8 1.1.1.1 cloudflare.com
Python API:
from nadzoring.network_base.ping_address import ping_addr
# Works with IPs, hostnames, and full URLs
reachable = ping_addr("8.8.8.8")
reachable = ping_addr("https://google.com")
6. HTTP Probe a URL¶
Measure DNS resolution time, time-to-first-byte, and total download time:
nadzoring network-base http-ping https://example.com
# With response headers
nadzoring network-base http-ping --show-headers https://github.com
# Custom timeout, disable SSL verification
nadzoring network-base http-ping --timeout 5 --no-ssl-verify https://self-signed.badssl.com
Python API:
from nadzoring.network_base.http_ping import http_ping
result = http_ping("https://example.com")
print(result.status_code) # 200
print(result.dns_ms) # e.g. 12.5
print(result.ttfb_ms) # e.g. 87.3
print(result.total_ms) # e.g. 134.6
print(result.content_length) # bytes
7. DNS Health Check¶
Score a domain’s DNS configuration from 0 to 100:
nadzoring dns health example.com
Scoring thresholds:
80–100 → Healthy
50–79 → Degraded
0–49 → Unhealthy
Python API:
from nadzoring.dns_lookup.health import health_check_dns
result = health_check_dns("example.com")
print(result["score"]) # e.g. 85
print(result["status"]) # 'healthy' | 'degraded' | 'unhealthy'
for issue in result["issues"]:
print("ISSUE:", issue)
for warn in result["warnings"]:
print("WARN:", warn)
8. Validate DNS Records¶
Run a detailed DNS check including MX priority and SPF/DKIM validation:
nadzoring dns check example.com
# Check specific record types only
nadzoring dns check -t MX -t TXT gmail.com
Python API:
from nadzoring.dns_lookup.health import check_dns
result = check_dns(
"example.com",
record_types=["MX", "TXT"],
validate_mx=True,
validate_txt=True,
)
print(result["records"]) # {'MX': ['10 mail.example.com'], ...}
print(result["validations"]) # {'mx': {'valid': True, 'issues': [], ...}}
9. Trace the DNS Resolution Path¶
Follow the delegation chain from root servers to the authoritative answer,
similar to dig +trace:
nadzoring dns trace example.com
# Start from a specific nameserver instead of root
nadzoring dns trace -n 8.8.8.8 google.com
Python API:
from nadzoring.dns_lookup.trace import trace_dns
result = trace_dns("example.com")
for hop in result["hops"]:
print(hop["nameserver"], hop["response_time"], hop.get("records"))
print("Final answer:", result["final_answer"])
10. Compare DNS Servers¶
Detect discrepancies between multiple resolvers for the same domain:
nadzoring dns compare example.com
# Custom servers and record types
nadzoring dns compare -t A -t MX -s 8.8.8.8 -s 1.1.1.1 -s 9.9.9.9 example.com
Python API:
from nadzoring.dns_lookup.compare import compare_dns_servers
result = compare_dns_servers(
"example.com",
servers=["8.8.8.8", "1.1.1.1", "9.9.9.9"],
record_types=["A", "MX"],
)
if result["differences"]:
for diff in result["differences"]:
print(f"Server {diff['server']} returned different {diff['type']} records")
print(f" Expected: {diff['expected']}")
print(f" Got: {diff['got']}")
11. Detect DNS Poisoning¶
Check whether a domain’s DNS responses show signs of poisoning, censorship, or unusual CDN routing:
nadzoring dns poisoning example.com
# Custom control server with additional record types checked
nadzoring dns poisoning -c 1.1.1.1 -a MX -a TXT google.com
# Save as HTML report
nadzoring dns poisoning -o html --save poisoning_report.html twitter.com
Severity levels: NONE → LOW → MEDIUM → HIGH → CRITICAL / SUSPICIOUS
12. Benchmark DNS Servers¶
Find the fastest DNS resolver for your location:
# Benchmark all well-known public servers
nadzoring dns benchmark
# Custom servers, 20 queries each
nadzoring dns benchmark -s 8.8.8.8 -s 1.1.1.1 -s 9.9.9.9 --queries 20
# Sequential mode (one server at a time)
nadzoring dns benchmark -t MX -d gmail.com --sequential
Python API:
from nadzoring.dns_lookup.benchmark import benchmark_dns_servers
results = benchmark_dns_servers(
servers=["8.8.8.8", "1.1.1.1", "9.9.9.9"],
queries=10,
)
for r in results:
print(f"{r['server']}: avg={r['avg_response_time']:.1f}ms ok={r['success_rate']}%")
13. Scan Ports¶
Discover open ports and running services on a target:
# Fast scan (common ports)
nadzoring network-base port-scan example.com
# Full scan (all 65535 ports)
nadzoring network-base port-scan --mode full 192.168.1.1
# Custom range
nadzoring network-base port-scan --mode custom --ports 1-1024 example.com
# UDP scan
nadzoring network-base port-scan --protocol udp --mode fast example.com
14. Security Auditing¶
SSL/TLS certificate check:
# Compact summary
nadzoring security check-ssl example.com
# 30-day warning window, multiple domains
nadzoring security check-ssl --days-before 30 google.com github.com
# Full details (SAN, protocols, chain)
nadzoring security check-ssl --full example.com
Python API:
from nadzoring.security.check_website_ssl_cert import check_ssl_certificate
result = check_ssl_certificate("example.com", days_before=14)
print(result["status"]) # 'valid' | 'warning' | 'expired' | 'error'
print(result["remaining_days"]) # e.g. 142
print(result["protocols"]["supported"]) # ['TLSv1.2', 'TLSv1.3']
HTTP security header audit:
nadzoring security check-headers https://example.com
Python API:
from nadzoring.security.http_headers import check_http_security_headers
result = check_http_security_headers("https://example.com")
print(result["score"]) # 0–100 coverage score
print(result["missing"]) # list of absent recommended headers
print(result["leaking"]) # e.g. {'Server': 'nginx/1.18.0'}
Email security (SPF / DKIM / DMARC) validation:
nadzoring security check-email example.com
Python API:
from nadzoring.security.email_security import check_email_security
result = check_email_security("example.com")
print(result["overall_score"]) # 0–3
print(result["spf"]["all_qualifier"]) # '~'
print(result["dmarc"]["policy"]) # 'reject'
print(result["all_issues"]) # aggregated issue list
Subdomain discovery:
# CT logs + built-in wordlist
nadzoring security subdomains example.com
# CT logs only
nadzoring security subdomains --no-bruteforce example.com
Continuous SSL monitoring:
nadzoring security watch-ssl example.com
nadzoring security watch-ssl --days-before 14 --interval 300 api.example.com
Python API:
from nadzoring.security.ssl_monitor import SSLMonitor
monitor = SSLMonitor(["example.com", "api.example.com"], interval=3600, days_before=14)
monitor.set_alert_callback(lambda domain, msg: print(f"ALERT {domain}: {msg}"))
monitor.run_cycles(cycles=5)
15. ARP Cache and Spoofing Detection¶
Inspect the local ARP cache:
nadzoring arp cache
Statically detect potential spoofing from current cache:
nadzoring arp detect-spoofing
# Check only specific interfaces
nadzoring arp detect-spoofing eth0 wlan0
Monitor ARP traffic in real time (requires root/admin):
nadzoring arp monitor-spoofing --interface eth0 --count 200 --timeout 60
# Save alerts for forensic analysis
nadzoring arp monitor-spoofing -o json --save arp_alerts.json
Output Formats¶
Use -o to change how results are displayed or saved:
nadzoring dns resolve -o json example.com
nadzoring dns health -o html --save health_report.html example.com
nadzoring network-base connections -o csv --save conns.csv
nadzoring security check-ssl -o json example.com
nadzoring security check-headers -o json --save headers.json https://example.com
nadzoring security check-email -o json --save email.json example.com
nadzoring security subdomains -o json --save subdomains.json example.com
Available formats: table (default), json, csv, html, html_table
Getting Help¶
# List all command groups
nadzoring --help
# List commands in a group
nadzoring dns --help
nadzoring network-base --help
nadzoring security --help
nadzoring arp --help
# Help for a specific command
nadzoring dns reverse --help
nadzoring network-base port-scan --help
nadzoring security check-ssl --help
nadzoring security check-email --help
nadzoring arp monitor-spoofing --help
16. Continuous DNS Monitoring¶
The dns monitor command runs a persistent loop that tracks health and
performance over time, fires alerts when thresholds are breached, and logs
everything to a structured JSONL file.
# Monitor with default servers (Google + Cloudflare), save log
nadzoring dns monitor example.com \
--interval 60 \
--log-file dns_monitor.jsonl
# Strict thresholds — alert above 150 ms or below 99 % success
nadzoring dns monitor example.com \
-n 8.8.8.8 -n 1.1.1.1 -n 9.9.9.9 \
--interval 30 \
--max-rt 150 --min-success 0.99 \
--log-file dns_monitor.jsonl
# Run exactly 10 cycles and save a JSON report (great for CI)
nadzoring dns monitor example.com --cycles 10 -o json --save report.json
# Quiet mode for cron / systemd
nadzoring dns monitor example.com \
--quiet --log-file /var/log/nadzoring/dns_monitor.jsonl
After Ctrl-C (or after --cycles completes), a statistical summary is
printed automatically.
Analyse the log later:
nadzoring dns monitor-report dns_monitor.jsonl
nadzoring dns monitor-report dns_monitor.jsonl --server 8.8.8.8 -o json
Python API — embed in your own script:
from nadzoring.dns_lookup.monitor import AlertEvent, DNSMonitor, MonitorConfig
def my_alert_handler(alert: AlertEvent) -> None:
print(f"ALERT [{alert.alert_type}]: {alert.message}")
config = MonitorConfig(
domain="example.com",
nameservers=["8.8.8.8", "1.1.1.1"],
interval=60.0,
queries_per_sample=3,
max_response_time_ms=300.0,
min_success_rate=0.95,
log_file="dns_monitor.jsonl",
alert_callback=my_alert_handler,
)
monitor = DNSMonitor(config)
monitor.run()
print(monitor.report())
Scheduling with systemd (recommended for production):
# Create /etc/systemd/system/nadzoring-dns-monitor.service
# then:
sudo systemctl enable --now nadzoring-dns-monitor
sudo journalctl -u nadzoring-dns-monitor -f
See Continuous DNS Monitoring for the full systemd unit file, cron setup, trend analysis examples, and alert integration patterns.
17. Error Handling Patterns¶
Every public Python API function returns structured errors rather than raising exceptions, making it safe to use in automation scripts:
from nadzoring.dns_lookup.utils import resolve_with_timer
from nadzoring.dns_lookup.reverse import reverse_dns
from nadzoring.dns_lookup.health import health_check_dns
from nadzoring.security.check_website_ssl_cert import check_ssl_certificate
from nadzoring.security.http_headers import check_http_security_headers
# resolve_with_timer never raises — check the "error" field
result = resolve_with_timer("example.com", "A", timeout=3.0)
if result["error"]:
# possible: 'Domain does not exist', 'Query timeout', 'No A records'
print("DNS error:", result["error"])
else:
print("Records:", result["records"])
print("Response time:", result["response_time"], "ms")
# reverse_dns — same pattern
r = reverse_dns("8.8.8.8")
hostname = r["hostname"] or f"[{r['error']}]"
# health_check_dns always returns a complete dict
health = health_check_dns("example.com")
if health["status"] == "unhealthy":
for issue in health["issues"]:
print("CRITICAL:", issue)
for warning in health["warnings"]:
print("WARN:", warning)
# check_ssl_certificate never raises — check result["status"]
ssl = check_ssl_certificate("example.com")
if ssl["status"] == "error":
print("SSL check failed:", ssl.get("error"))
elif ssl["status"] == "warning":
print(f"Expiring in {ssl['remaining_days']} days")
# check_http_security_headers — check result["error"]
headers = check_http_security_headers("https://example.com")
if headers["error"]:
print("Header check failed:", headers["error"])
else:
print(f"Security score: {headers['score']}/100")