# ABR NetTools — full tool catalogue > The complete ABR NetTools catalogue for agents and LLMs. Short version + MCP endpoint: https://nettools.abr.cloud/llms.txt . NetTools is by ABR, an independent studio in Saarbruecken, Germany. Tools marked `Free` run for anyone (a CAPTCHA gates anonymous networked runs); `Pro` tools need a paid account. Networked tools run via the cloud relay; utilities run on-device. Many are callable over the remote MCP at https://mcp.abr.cloud/mcp/sse (give each a `target`). ## Always-on monitoring (included on every plan) Cloud-side monitors checked from the relay, no credentials stored. Kinds: HTTP(S) uptime, TCP port, TLS expiry, and `domainhealth` (the 7-check posture composite as a scheduled monitor — alerts the moment SPF/DMARC/MX/TLS/DNSSEC/blacklist posture breaks). All plans include spike-proof email alerts (re-checked before alerting), the Fleet Health single pane with per-check acknowledge, a public status page (host groups, optional 4-char PIN), and weekly/monthly email digests. - Free: 1 monitor, every 5 min, 30-day history - Pro (EUR 3.99/mo): 10 monitors, every 5 min, 90-day history - AI Premium (EUR 7.99/mo): 25 monitors, every 1 min, 365-day history + server host-metrics agents (CPU/RAM/disk on Linux/macOS/Windows) + AI digest summaries - MSP (EUR 29/mo) / MSP+ (EUR 49/mo): 100/250 monitors at 1-min intervals, 5/15 client workspaces with WHITE-LABEL status pages on the agency's own domain + client-ready PDF reports — flat price, no per-technician seats: https://my.abr.cloud/pricing.html ## Tools (81 total) ### Reconnaissance (10) - **WHOIS** (`whois`, Free) — Look up domain registration: registrar, registrant, nameservers, creation/expiry dates, and status flags. - **DNS LOOKUP** (`dns`, Free) — Query all major DNS record types (A, AAAA, MX, NS, TXT, CNAME, SOA) for a domain. - **REVERSE DNS** (`rdns`, Free) — Reverse-lookup an IPv4 address to its PTR hostname, with forward-confirmation matching. - **IP GEOLOCATION** (`ipgeo`, Free) — Geolocate an IP: country, city, ISP, ASN, timezone, plus proxy/VPN/hosting flags. - **SUBDOMAIN ENUM** (`subenum`, Pro) — Brute-force ~130 common subdomain prefixes via DNS-over-HTTPS to discover hidden hosts. - **ZONE TRANSFER** (`zonetransfer`, Pro) — Attempt AXFR against a domain's nameservers to detect leaked full DNS zones. - **CT LOG SEARCH** (`ctlogs`, Pro) — Search Certificate Transparency logs (crt.sh) to passively discover subdomains from issued certs. - **OSINT PROFILE** (`osint`, Pro) — Aggregate DNS, WHOIS, SSL, headers, ASN, and geo into one domain intelligence snapshot. - **DNS HISTORY** (`dnshistory`, Pro) — Query passive DNS for historical IP/MX/NS records and infrastructure changes over time. - **DOM HEALTH** (`domainhealth`, Pro) — Run 7 posture checks (SSL, HTTPS redirect, SPF, DMARC, DNSSEC, MX, blacklist) with pass/warn/fail. ### Scanning (12) - **PING** (`ping`, Free) — Send continuous ICMP echo requests to measure round-trip time and packet loss. - **TRACEROUTE** (`traceroute`, Free) — Map each network hop to a destination, showing router IPs and per-hop latency. - **LAN INFO** (`laninfo`, Free) — Enumerate local interfaces: IPs, subnet masks, MAC addresses, and default gateway. - **SPEEDTEST** (`speedtest`, Free) — Measure internet latency, jitter, download and upload throughput via Cloudflare. - **PING MONITOR** (`monitor`, Pro) — Continuously ping targets in the background with per-target intervals and RTT sparklines. - **PORT SCAN** (`portscan`, Pro) — TCP connect-scan the 22 most common ports (or specified ones) for open/closed/filtered status. - **LAN SCAN** (`lanscan`, Pro) — Sweep a local subnet to discover live hosts, enriched with reverse DNS, MAC, and vendor. - **BANNER GRAB** (`bannergrab`, Pro) — Connect to host:port and capture the service greeting banner to identify software. - **SERVICE DETECT** (`servicedetect`, Pro) — Probe 18 common service ports in parallel and identify running services from banners. - **PORT RANGE** (`portscanrange`, Pro) — Scan a custom TCP port range (up to 10,000 ports), showing only open ports. - **UDP SCAN** (`udpscan`, Pro) — Probe 11 common UDP ports with protocol-specific payloads (DNS, NTP, SNMP, etc.). - **SNMP WALK** (`snmpwalk`, Pro) — Walk a device's SNMP MIB tree to extract system, interface, and routing information. ### Web (14) - **SSL / TLS** (`ssl`, Free) — Retrieve a site's TLS certificate chain: subject, issuer, SANs, validity, key, protocol. - **HTTP HEADERS** (`http`, Free) — Analyse HTTP response headers and score the 6 critical security headers. - **REDIRECT CHAIN** (`redirects`, Free) — Follow the full HTTP redirect chain, showing status codes, destinations, and HTTP downgrades. - **TLS INSPECTOR** (`tlscheck`, Pro) — Test which TLS versions (1.0–1.3) a server supports and inspect the active certificate. - **CORS CHECK** (`cors`, Pro) — Send a cross-origin request to reveal the server's CORS policy and flag misconfigurations. - **COOKIE AUDIT** (`cookies`, Pro) — List Set-Cookie headers and check Secure, HttpOnly, and SameSite flags on each cookie. - **CSP EVALUATOR** (`csp`, Pro) — Parse the Content-Security-Policy header, flag weak directives, and grade the policy A–F. - **URL ANALYZER** (`urlscan`, Free) — Follow redirects to the final page and analyse headers, tech stack, and security headers. - **MIXED CONTENT** (`mixedcontent`, Pro) — Scan an HTTPS page for insecure HTTP subresources (scripts, images, iframes, forms). - **CLICKJACK** (`clickjacking`, Pro) — Check X-Frame-Options and CSP frame-ancestors to assess clickjacking protection. - **WAF DETECT** (`waf`, Pro) — Send normal and XSS-probe requests to fingerprint any Web Application Firewall present. - **TECH STACK** (`techstack`, Pro) — Fingerprint web server, framework, CMS, CDN, and JS/CSS libraries from headers and HTML. - **HTTP VERSION** (`http23`, Pro) — Detect HTTP/2 support via TLS ALPN and HTTP/3 advertisement via the Alt-Svc header. - **TLS CONFIG** (`tlsconf`, Pro) — Probe which TLS versions a server accepts and show the negotiated cipher per version. ### Crypto & TLS (6) - **CERT VIEWER** (`certview`, Free) — Retrieve and parse the leaf certificate: subject, issuer, SANs, key, serial, fingerprint. - **CERT EXPIRY** (`certexpiry`, Free) — Check a certificate's expiry date and classify it OK/warning/critical/expired. - **CT LOG SEARCH** (`certct`, Pro) — Query crt.sh Certificate Transparency logs for all certificates issued for a domain. - **SELF-SIGNED** (`selfsigned`, Pro) — Detect whether a site's certificate is self-signed, from an untrusted CA, or trusted. - **CERT PINNING** (`certpin`, Pro) — Check Expect-CT/HPKP headers and SCTs to assess certificate pinning strength. - **CIPHER SUITE** (`ciphertest`, Pro) — Probe TLS versions and test whether weak ciphers (RC4, 3DES, NULL) are accepted. ### Email security (11) - **SPF** (`spf`, Free) — Retrieve and parse the SPF record, showing authorized senders and the all-qualifier. - **DKIM** (`dkim`, Free) — Probe common DKIM selectors and retrieve the public key record, key type, and length. - **DMARC** (`dmarc`, Free) — Retrieve and analyse the DMARC record: policy, alignment modes, and reporting addresses. - **MX / SMTP** (`mx`, Free) — Resolve MX records, test SMTP connectivity on port 25, and check for open relay. - **MTA-STS** (`mtasts`, Pro) — Check the MTA-STS DNS record and policy file for SMTP TLS enforcement mode and MX list. - **BIMI** (`bimi`, Pro) — Check the BIMI record, logo/VMC reachability, and required DMARC p=reject prerequisite. - **DELIV. SCORE** (`score`, Pro) — Score email deliverability out of 100 across SPF, DKIM, DMARC, MTA-STS, BIMI, blacklist. - **TLS-RPT** (`tlsrpt`, Pro) — Look up the SMTP TLS-RPT record and its TLS failure-reporting endpoints. - **SMTP BANNER** (`smtpbanner`, Pro) — Connect to the top MX on port 25 to grab the SMTP banner and EHLO capabilities. - **CATCH-ALL** (`catchall`, Pro) — Test whether a mail server accepts any address (catch-all) via a random RCPT TO probe. - **HDR ANALYZER** (`emailheader`, Pro) — Parse pasted raw email headers, trace the Received chain, and show SPF/DKIM/DMARC results. ### Threat intel (9) - **BLACKLIST** (`blacklist`, Free) — Check an IP or domain against dozens of DNS blackhole lists (RBLs) for spam listing. - **ASN LOOKUP** (`asn`, Free) — Look up an ASN or IP for organisation, RIR, and announced BGP prefixes. - **IP REPUTATION** (`iprep`, Free) — Classify an IP as residential, datacenter/cloud, VPN/proxy, or mobile carrier. - **TOR CHECK** (`tor`, Free) — Check whether an IP is a known Tor exit node using the live Tor Project list. - **BGP ROUTE** (`bgp`, Pro) — Query the BGP routing entry and RPKI validation status for a prefix. - **RPKI CHECK** (`rpki`, Pro) — Check whether an IP's prefix has a valid Route Origin Authorization (ROA) in RPKI. - **BGP HIJACK** (`bgphijack`, Pro) — Detect Multiple Origin AS conflicts and RPKI-invalid routes as BGP hijack indicators. - **HOST RECON** (`shodanlike`, Pro) — Banner-grab 14 internet-facing ports to build a Shodan-style exposed-host profile. - **MALWARE CHECK** (`malwaredomain`, Pro) — Check a domain/IP against URLhaus and ThreatFox threat-intel databases for malware IOCs. ### DNS (8) - **DNSSEC** (`dnssec`, Free) — Verify DNSSEC signing and validation: AD bit, DNSKEY/DS/RRSIG presence, chain status. - **DOH QUERY** (`doh`, Free) — Resolve a record over DNS-over-HTTPS via Cloudflare and Google in parallel for comparison. - **CAA RECORD** (`caa`, Free) — Query CAA records to see which certificate authorities may issue certs for a domain. - **DNS PROPAGATION** (`dnsprop`, Pro) — Query 12 global resolvers to verify a DNS change has fully propagated worldwide. - **TTL ANALYZER** (`ttl`, Pro) — Show the TTL of every record type, colour-coded, to audit DNS caching durations. - **NSEC WALK** (`nsecwalk`, Pro) — Check whether a DNSSEC zone uses enumerable NSEC or hardened NSEC3 records. - **RESOLVER CMP** (`resolvercompare`, Pro) — Compare A-record answers from 5 DoH resolvers to detect poisoning or hijacking. - **ANYCAST TEST** (`anycasttest`, Pro) — Identify the Cloudflare edge PoP serving you and measure DNS resolver latencies. ### Utilities (11) - **SUBNET CALC** (`subnetcalc`, Free) — Offline CIDR calculator: network, broadcast, host range, masks, and address type. - **RANGE → CIDR** (`iprange`, Free) — Convert an arbitrary IP range into the minimal exact set of CIDR blocks. - **IP CONVERTER** (`ipconv`, Free) — Convert an IPv4 address between dotted, decimal, hex, binary, PTR, and IPv6-mapped forms. - **MAC LOOKUP** (`maclookup`, Free) — Decode a MAC address offline (unicast/local/randomized) and look up its vendor OUI. - **QR GENERATOR** (`qrgen`, Free) — Generate a QR code offline from any text/URL, or a scannable Wi-Fi join code. - **URL PARSER** (`urlparse`, Free) — Split a URL into components and warn about credentials, raw IPs, and encoding tricks. - **JWT PARSER** (`jwtparse`, Free) — Decode a JWT's header and payload locally and flag risky algorithms (signature not verified). - **HASH TEXT** (`hashtext`, Free) — Compute MD5, SHA-1, and SHA-2 family digests of text entirely locally. - **HMAC GEN** (`hmacgen`, Pro) — Compute HMAC digests locally from a key:message input across common hash functions. - **PASSWORD GEN** (`passgen`, Free) — Generate random passwords, passphrases, PINs, and tokens with entropy, using the OS CSPRNG. - **PASS STRENGTH** (`passcheck`, Free) — Analyse a password's entropy locally and estimate crack times for three attacker profiles.