# xtls/realitlscanner

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/xtls-realitlscanner).**

2,993 stars · 222 forks · Go · mpl-2.0

## Links

- GitHub: https://github.com/XTLS/RealiTLScanner
- awesome-repositories: https://awesome-repositories.com/repository/xtls-realitlscanner.md

## Description

RealiTLScanner is a TLS configuration scanner and network security auditor designed to identify security settings across IP addresses and domains. It functions as a target discovery tool that analyzes TLS configurations to find compatible endpoints and evaluate server security postures.

The project distinguishes itself as a geolocation-enhanced network scanner, appending geographic location data and country codes to discovered security configurations using a local location database. This allows for the geographic mapping of servers by combining TLS scan results with GeoIP data.

The tool supports internet asset discovery through multi-source target imports, including the extraction of domains from URLs and the resolution of CIDR ranges into discrete addresses. It manages these tasks using a concurrent worker pool and asynchronous probe dispatch to analyze targets at scale.

Scan results and security metadata are processed through a data pipeline and exported into structured formats, such as CSV files, for further analysis.

## Tags

### Security & Cryptography

- [Network Security Auditing](https://awesome-repositories.com/f/security-cryptography/network-security-auditing.md) — Audits network security postures by detecting TLS configurations across wide network blocks and domain lists.
- [Configuration Analysis](https://awesome-repositories.com/f/security-cryptography/security/cryptography-and-secrets/cryptographic-primitives-management/tls-ssl-configurations/configuration-analysis.md) — Provides comprehensive scanning of IP addresses and domains to analyze TLS security settings and server configurations. ([source](https://github.com/XTLS/RealiTLScanner/blob/main/Dockerfile))
- [Asset Discovery Tools](https://awesome-repositories.com/f/security-cryptography/asset-discovery-tools.md) — Enumerates internet-facing infrastructure by converting CIDR ranges and URLs into structured target lists.
- [Geolocation-Enhanced Security Scanners](https://awesome-repositories.com/f/security-cryptography/geolocation-enhanced-security-scanners.md) — Combines network scanning for security configurations with automatic geographic location tagging for discovered servers.
- [Network Encryption Auditors](https://awesome-repositories.com/f/security-cryptography/network-encryption-auditors.md) — Audits the strength and configuration of network encryption across thousands of target addresses.
- [TLS Configuration Scanning](https://awesome-repositories.com/f/security-cryptography/security/cryptography-and-secrets/cryptographic-primitives-management/tls-ssl-configurations/tls-configuration-scanning.md) — Identifies and analyzes TLS security settings across multiple IP addresses and domains to find compatible endpoints.
- [TLS Target Discovery](https://awesome-repositories.com/f/security-cryptography/tls-inspection-tools/tls-target-discovery.md) — Extracts domains from URLs and resolves network blocks to build comprehensive lists of TLS-enabled servers.
- [TLS Security Auditing](https://awesome-repositories.com/f/security-cryptography/tls-security-auditing.md) — Identifies TLS security settings for domains and IP addresses using customizable probes and concurrent scanning. ([source](https://github.com/XTLS/RealiTLScanner#readme))
- [TLS Protocol Identification](https://awesome-repositories.com/f/security-cryptography/tls-management/connection-metadata-exposure/endpoint-identification/tls-protocol-identification.md) — Searches for servers with specific security protocols to build lists of compatible endpoints for network tunneling.

### Data & Databases

- [IP Geographic Mapping](https://awesome-repositories.com/f/data-databases/retrieval-metadata/geographic-metadata/ip-geographic-mapping.md) — Maps the physical location of servers by combining TLS scan results with IP-to-location data.
- [Data Enrichment](https://awesome-repositories.com/f/data-databases/data-enrichment.md) — Enhances raw scan results by augmenting IP targets with geographic location metadata. ([source](https://github.com/XTLS/RealiTLScanner#readme))

### Networking & Communication

- [Geo-Resolution Lookups](https://awesome-repositories.com/f/networking-communication/geo-filtering-databases/geo-resolution-lookups.md) — Appends geographic coordinates and country codes to scan results by matching IP addresses against a local location database.
- [Network Address Resolution](https://awesome-repositories.com/f/networking-communication/network-address-resolution.md) — Resolves domain names and CIDR blocks into discrete IP addresses to create a comprehensive target list. ([source](https://github.com/XTLS/RealiTLScanner/blob/main/utils.go))
- [Multi-Format Target Scanning](https://awesome-repositories.com/f/networking-communication/network-scanning-tools/blind-scanning-utilities/network-host-discoverers/multi-format-target-scanning.md) — Accepts multiple input formats, including CIDR ranges and URLs, to probe a wide array of targets. ([source](https://github.com/XTLS/RealiTLScanner/blob/main/main.go))
- [Target Expansion](https://awesome-repositories.com/f/networking-communication/subnet-routing/cidr-mapping/target-expansion.md) — Provides functionality to resolve CIDR network range notations into individual IP addresses for comprehensive scanning.
- [Asynchronous Probing](https://awesome-repositories.com/f/networking-communication/communication-protocols-architectures/communication-protocols-standards/network-protocols/connection-establishment-protocols/tcp-socket-clients/asynchronous-probing.md) — Implements non-blocking network probes to efficiently analyze thousands of TLS endpoints in parallel.
- [Domain Extraction Parsers](https://awesome-repositories.com/f/networking-communication/domain-extraction-parsers.md) — Isolates hostnames and domains from crawled web pages to identify potential network scanning targets. ([source](https://github.com/XTLS/RealiTLScanner/blob/main/README.md))

### Software Engineering & Architecture

- [Data Processing Pipelines](https://awesome-repositories.com/f/software-engineering-architecture/data-processing-pipelines.md) — Employs a modular pipeline to stream scan results through sequential stages of geographic enrichment and metadata formatting.
- [Concurrent Request Pools](https://awesome-repositories.com/f/software-engineering-architecture/object-pooling/task-pools/concurrent-request-pools.md) — Uses a capped resource pool of goroutines to manage simultaneous network requests and avoid system exhaustion.