SnitchNet Docs

Getting Started

Complete setup guide for SnitchNet

Create Your Account

Sign Up Options

SnitchNet supports multiple authentication methods:

Email & Password

  1. Visit the signup page
  2. Enter your first name, last name, and email
  3. Create a strong password
  4. Click "Sign Up"
  5. Check your email for verification link
  6. Click the link to verify your account

OAuth Providers

  • Google: Sign up with your Google account
  • Microsoft: Sign up with your Microsoft account

No password needed with OAuth - quick and secure!

Passkeys (WebAuthn)

  • Biometric authentication (Face ID, Touch ID, Windows Hello)
  • Passwordless login
  • Most secure option
  • Set up after initial registration

Two-Factor Authentication (2FA)

Enable 2FA for extra security:

  1. Go to Account Settings
  2. Click "Enable 2FA"
  3. Scan QR code with authenticator app (Google Authenticator, Authy, 1Password)
  4. Save backup codes in a secure location
  5. Enter verification code to confirm

Backup Codes: Keep these safe! If you lose your authenticator app, backup codes are the only way to access your account.

Create Your Organization

After signup, you'll create your first organization.

Organization Setup

  1. Name: Your company or team name (e.g., "Acme Corporation")
  2. Slug: URL-friendly identifier (e.g., "acme-corp")
    • Used in organization URLs
    • Must be unique
    • Can only contain letters, numbers, and hyphens

Team Roles

Invite team members with different permission levels:

Owner

  • Full access to everything
  • Manage billing and subscriptions
  • Delete organization
  • Only one owner per organization (can be transferred)

Admin

  • Manage members and invitations
  • Add and remove domains
  • Trigger scans and view results
  • Cannot manage billing or delete organization

Member

  • View domains and scan results
  • Trigger scans
  • Cannot manage team or domains

Viewer

  • Read-only access
  • View dashboards and reports
  • Cannot trigger scans or make changes

Add Your First Domain

Step 1: Add Domain

  1. Go to Dashboard
  2. Click "Add Domain" button
  3. Enter your domain name (e.g., example.com)
    • Don't include http:// or www
    • Just the domain name
  4. Click "Add Domain"

Step 2: Verify Ownership

To verify you own the domain, add a DNS TXT record:

Verification Process

  1. Copy the verification token shown
  2. Go to your DNS provider (Cloudflare, Route53, etc.)
  3. Add a TXT record:
    • Name: _snitchnet-verification or @
    • Value: Your verification token
    • TTL: 3600 (or auto)
  4. Save the record
  5. Wait 5-10 minutes for DNS propagation
  6. Return to SnitchNet and click "Verify"

Common DNS Providers

Cloudflare:

  • DNS tab → Add record
  • Type: TXT
  • Name: _snitchnet-verification
  • Content: [your token]

AWS Route 53:

  • Hosted zones → Select domain
  • Create record
  • Record type: TXT
  • Record name: _snitchnet-verification
  • Value: [your token]

GoDaddy:

  • DNS Management → Add
  • Type: TXT
  • Host: _snitchnet-verification
  • TXT Value: [your token]

Troubleshooting

Verification fails?

  • Check DNS propagation: Use https://dnschecker.org
  • Verify TXT record value exactly matches
  • Remove any quotes around the value
  • Wait longer (DNS can take up to 24 hours)
  • Try verifying again

Run Your First Scan

Once your domain is verified, start scanning!

  1. DNS Scan (1-2 seconds)

    • Discovers all DNS records
    • Finds IP addresses
    • Required for other scans

  2. TLS Scan (5-10 seconds)

    • Finds SSL/TLS certificates
    • Discovers subdomains
    • Checks expiration dates

  3. Port Scan (5-10 minutes)

    • Scans all discovered IPs
    • Identifies open ports and services
    • Checks for CVE vulnerabilities
    • Takes screenshots of HTTP/HTTPS services

  4. Similar Domains (10-30 minutes)

    • Generates domain permutations
    • Checks registration status
    • Screenshots suspicious domains

  5. Breach Detection (2-3 seconds)

    • Checks HaveIBeenPwned database
    • Fast and informative

  6. Email Security (instant)

    • Analyzes SPF, DKIM, DMARC
    • Requires DNS scan results first

How to Trigger Scans

Manual Scans

  1. Navigate to specific scan page (e.g., DNS Scan)
  2. Click "Start Scan" or "Scan Now" button
  3. Wait for completion
  4. View results

Trigger All Scans

  • From dashboard, click "Run All Scans"
  • Executes all 6 scan types
  • Returns partial results if some fail

Scheduled Scans (Small/Full Plans)

  1. Go to "Scheduled Scans" page
  2. Click "Create Schedule"
  3. Select scan type
  4. Choose frequency (daily, weekly, monthly)
  5. Set time (optional)
  6. Click "Create"

Scheduled scans run automatically in the background!

Understanding Results

DNS Scan Results

What you'll see:

  • A records (IPv4 addresses)
  • AAAA records (IPv6 addresses)
  • MX records (mail servers)
  • TXT records (SPF, DKIM, DMARC)
  • CNAME records (aliases)
  • NS records (name servers)
  • SOA records (zone info)

IP Geolocation:

  • Country, city, region
  • ISP and organization
  • Latitude/longitude

TLS Certificate Results

Certificate Details:

  • Subdomain
  • Issuer (Let's Encrypt, DigiCert, etc.)
  • Valid from / Valid to dates
  • Certificate count
  • Status (valid, expiring soon, expired)

Alerts:

  • Red: Expired certificates
  • Orange: Expiring in <30 days
  • Green: Valid

Port Scan Results

For each IP address:

  • Open ports list
  • Service identification
  • Service versions
  • Risk level (Low, Medium, High, Critical)
  • CVE vulnerabilities
  • CVSS scores
  • Screenshots (HTTP/HTTPS)

Risk Levels:

  • Critical: Known CVEs, high exposure
  • High: Outdated versions, administrative services
  • Medium: Services requiring monitoring
  • Low: Standard services

Similar Domains

Permutations Found:

  • Character substitution (gogle.com)
  • Homoglyphs (gооgle.com with Cyrillic о)
  • TLD variations (.net, .org, .co)
  • Hyphens (g-oogle.com)

For Registered Domains:

  • Screenshot preview
  • IP address and geolocation
  • Risk assessment
  • Registration details

Breach Detection

If breaches found:

  • Breach name
  • Date discovered
  • Description
  • Affected data types

Email Security

SPF Status:

  • Pass: Configured correctly
  • Fail: Issues found
  • Not Found: No SPF record

DKIM Status:

  • Pass: Public key found
  • Fail: Invalid configuration
  • Not Found: No DKIM record

DMARC Status:

  • Pass: Policy configured
  • Fail: Invalid policy
  • Not Found: No DMARC record

Overall Score:

  • 80-100: Excellent
  • 50-79: Needs improvement
  • 0-49: Critical issues

Export Reports

Generate professional reports for stakeholders:

Export Formats

PDF Report

  • Branded SnitchNet template
  • Executive summary
  • Detailed findings
  • Recommendations
  • Charts and statistics
  • Print-ready

CSV Export

  • Spreadsheet-compatible
  • All raw data
  • Easy filtering
  • Import into tools

JSON Export

  • Machine-readable
  • API integration
  • Custom processing
  • Complete data structure

How to Export

  1. Navigate to scan results page
  2. Click "Export" button
  3. Select format (PDF/CSV/JSON)
  4. Wait for generation
  5. Download file

Requirements:

  • Small or Full plan for exports
  • HomeLab plan: view-only

Set Up Scheduled Scans

Automate your security monitoring:

Create Schedule

  1. Go to "Scheduled Scans"
  2. Click "Create Schedule"
  3. Configure:
    • Domain: Select target domain
    • Scan Type: DNS, TLS, Port, Breach, Similar, Email
    • Frequency:
      • Daily: Every day at specified time
      • Weekly: Every week on specified day
      • Monthly: Every month on specified date
  4. Click "Create Schedule"

Manage Schedules

  • Enable/Disable: Toggle active status
  • Edit: Change frequency or time
  • Delete: Remove schedule
  • View History: See past executions

Best Practices

DNS Scans:

  • Daily if making frequent changes
  • Weekly for monitoring

TLS Scans:

  • Weekly for expiration monitoring
  • Monthly for discovery

Port Scans:

  • Weekly for security monitoring
  • After infrastructure changes

Similar Domains:

  • Monthly for brand protection
  • After major campaigns

Breach Detection:

  • Daily for incident response
  • Weekly for monitoring

Email Security:

  • Monthly for compliance
  • After email config changes

Invite Team Members

Collaborate with your team:

Send Invitation

  1. Go to Organization Settings
  2. Click "Team" tab
  3. Click "Invite Member"
  4. Enter email address
  5. Select role (Admin, Member, Viewer)
  6. Click "Send Invitation"

Accept Invitation

Team members will receive an email:

  1. Click invitation link
  2. Sign up or log in
  3. Accept invitation
  4. Access organization

Manage Members

  • Change Role: Update permissions
  • Remove Member: Revoke access
  • Transfer Ownership: Make another member the owner (owners only)

Next Steps

Now that you're set up:

  1. Run Regular Scans: Keep monitoring your domains
  2. Set Up Schedules: Automate security checks
  3. Review Dashboard: Check security score regularly
  4. Fix Vulnerabilities: Act on recommendations
  5. Export Reports: Share with stakeholders
  6. Monitor Breaches: Stay alert for incidents
  7. Protect Brand: Watch for phishing domains

Need Help?

  • Browse documentation for detailed guides
  • Email support: support@snitchnet.com (Small/Full plans)
  • Community forum: community.snitchnet.com (coming soon)

On this page

Create Your AccountSign Up OptionsEmail & PasswordOAuth ProvidersPasskeys (WebAuthn)Two-Factor Authentication (2FA)Create Your OrganizationOrganization SetupTeam RolesOwnerAdminMemberViewerAdd Your First DomainStep 1: Add DomainStep 2: Verify OwnershipVerification ProcessCommon DNS ProvidersTroubleshootingRun Your First ScanRecommended OrderHow to Trigger ScansManual ScansTrigger All ScansScheduled Scans (Small/Full Plans)Understanding ResultsDNS Scan ResultsTLS Certificate ResultsPort Scan ResultsSimilar DomainsBreach DetectionEmail SecurityExport ReportsExport FormatsPDF ReportCSV ExportJSON ExportHow to ExportSet Up Scheduled ScansCreate ScheduleManage SchedulesBest PracticesInvite Team MembersSend InvitationAccept InvitationManage MembersNext StepsNeed Help?
Getting Started