Internal Attack Simulation Suite
Vulnerability signals are heuristic — error string matches / HTTP 500 responses suggest potential weakness, not confirmed exploitability.
Probes 40 common subdomains via DNS resolution. Resolved entries indicate live hosts.
Scores protective HTTP security headers and flags missing controls that may indicate attack surface.
Results are heuristic signals (non-401/403/429 response = potential hit) — not proof of compromise.