I Built a Full Security Recon Tool in 50 Lines of Python — Here's the Code

Last week a friend asked me to check if his startup's website had any security issues. Instead of manually running 5 different tools, I wrote one Python script that does everything: finds subdomains, checks SSL, audits headers, detects technologies, and reports vulnerabilities. 50 lines. No paid tools. All free APIs. What It Does $ python recon.py example.com 🔍 RECON REPORT: example.com 📡 Subdomains (via crt.sh): api.example.com staging.example.com mail.example.com 🔒 SSL Certificate: Issuer: Let's Encrypt Expires: 2026-06-15 (82 days) ✅ Valid 🛡️ Security Headers: ✅ Strict-Transport-Security ❌ Content-Security-Policy (MISSING) ❌ X-Frame-Options (MISSING) ✅ X-Content-Type-Options 🌐 Technologies: Server: nginx/1.25 Framework: Next.js CDN: Cloudflare ⚠️ Issues Found: 2 1. Missing Content-Security-Policy header 2. Missing X-Frame-Options header The Code (50 Lines) import ssl import socket import requests from datetime import datetime def recon ( domain ): print ( f ' \n 🔍 RECON REPORT: { do