See DDactic in Action

Walk through the platform step-by-step, then explore the engineering that powers it.

1
Submit a Company Scan

Enter a company name and DDactic automatically discovers all associated domains, subdomains, and infrastructure using certificate transparency logs and DNS reconnaissance.

ddactic.net/dashboard
COMPANY NAME
Acme Corporation
Discovering SLDs via crt.sh... 12 SLDs found
For CISOs: Discovery uses only public data sources (certificate transparency logs, DNS, WHOIS) without touching your production systems. Active simulations require explicit written authorization.
2
Attack Surface Discovery

DDactic maps every domain and subdomain, identifies CDN/WAF protection status, resolves IPs, and determines ASN ownership. Unprotected assets are flagged immediately.

ddactic.net/dashboard > Assets
Domain IP CDN/WAF ASN Status
acme.com 104.26.10.42 Cloudflare AS13335 Protected
api.acme.com 52.86.134.11 CloudFront AS16509 Protected
staging.acme.com 185.62.188.4 None AS24940 Exposed
mail.acme.com 185.62.188.5 None AS24940 Exposed
vpn.acme.com 185.62.188.6 None AS24940 Exposed
For Engineers: Each asset shows resolved IPs, CDN provider, ASN, and cloud platform. Use this to identify forgotten staging servers, exposed origins behind CDN, and shadow IT infrastructure.
3
Risk Posture at a Glance

The overview dashboard computes an exposure score from protection gaps, findings, scan coverage, and origin exposure. Scored using the Open Protection Index (OPI) framework across 6 resilience dimensions for board-level reporting.

ddactic.net/dashboard > Overview
54 Moderate Risk
CDN / WAF Coverage 40%
DNS Resolution 92%
Origin Exposure 25%
Domains
12
Assets
47
Findings
8
For CFOs / Risk: The exposure score translates directly into business risk. A score of 54 means 60% of your infrastructure has some protection gap. Use the ROI calculator to quantify potential downtime costs.
4
Infrastructure Topology Map

Interactive graph visualization shows relationships between domains, CDN providers, cloud platforms, and ASN boundaries. Identify single points of failure and unprotected clusters at a glance.

ddactic.net/dashboard > Topology
ACME CF CFr staging mail vpn acme.com api.acme Company CDN Protected Exposed
For CISOs: The topology map gives you a single-pane view of your entire external attack surface. Red nodes are direct targets for volumetric attacks. Share this with your board to visualize risk.
5
Findings & Breach Database

Cross-reference your domains against breach databases and leaked credential repositories. Identify if employee credentials have been exposed in known breaches.

ddactic.net/dashboard > Databases
Breached Credentials
1,247
Across 3 known breaches
Unique Accounts
892
Unique emails found
With Passwords
634
Plaintext or hashed
Source BreachDateRecordsData Types
Collection #1 Compilation 2019-01 847 Email + Password
LinkedIn 2021 2021-06 312 Email + Hash
Anti Public Combo 2016-12 88 Email + Password
For CFOs / Risk: Breached credentials represent quantifiable risk exposure. With 634 plaintext passwords in circulation, account takeover attacks become a statistical certainty. This data supports cyber insurance renewal conversations.
6
Export & Take Action

Generate executive reports for the board, technical reports for your engineering team, or export raw data for integration with your existing SIEM/SOAR tools.

ddactic.net/dashboard > Export
Executive Summary
Board-ready PDF with risk score, key findings, and remediation timeline.
Download PDF
Technical Report
Full asset inventory, port scan results, DNS records, and L7 analysis.
Download PDF
Raw Data Export
JSON/CSV export for SIEM integration. Includes all scan artifacts.
Export JSON
What's next? Start with the free scan to see your actual attack surface. No signup required for the initial discovery scan. Upgrade to the full assessment for port scanning, L7 reconnaissance, and breach database cross-referencing.
Under the Hood

The Engineering Behind DDactic

Most platforms scan from a single cloud. DDactic orchestrates 19 simultaneously. Here's what makes it hard to replicate.

19
Cloud Platforms
75s
Spot Recovery
13+
Intel Sources
19
Industry Configs
Multi-Cloud Fleet
Distributed Bot Orchestration
Deploy across AWS, GCP, Azure, Alibaba, Tencent, DigitalOcean, Vultr, Linode, Hetzner, OVH, Scaleway, IBM, Fly.io, IONOS, Exoscale, GCore, Civo, Serverspace, and Contabo. A single boot.sh auto-detects each platform via metadata endpoints. Spot instances auto-heal in under 75 seconds when reclaimed.
3-Stage Pipeline
Automated Reconnaissance
Stage 1: SLD + subdomain discovery via 13+ API sources (crt.sh, VirusTotal, Shodan, Censys, and more). Stage 2: Port scanning with multi-region availability testing from 15+ locations. Stage 3: L7 recon with 5 parallel tools (HTTP, DNS, SMTP, SIP, D2R).
OPI Scoring
Open Protection Index
Proprietary 0-100 scoring framework across 6 dimensions: Defense Coverage, L7 Resilience, L3/L4 Resilience, Protocol Resilience, Operational Resilience, and Evasion Resistance. Compare against industry benchmarks across 19 sectors.
Device Labs
Physical App Interception
iOS (jailbroken), Android (rooted), and 44 Windows desktop apps scanned via MITM proxies. Discovers API endpoints, WebSocket connections, and gRPC channels invisible to web-only scanners.
Hardening Engine
Vendor-Specific Remediation
16 hardening templates across 6 CDN/WAF vendors (Cloudflare, AWS, GCP, Azure, Akamai, Fastly). Generates copy-paste CLI commands. Before-test and after-test recommendation sets.
The Moat
Why This Is Hard to Replicate
Each component is individually achievable. The moat is the integration: 19 cloud APIs, 13+ intelligence sources, 5 L7 tools, physical device labs, self-healing spot fleets, and vendor-specific hardening, all working as a single automated pipeline.
See Live Architecture