Infrastructure Deep Dive
Comprehensive infrastructure analysis for security and architecture teams
Get complete visibility into domain infrastructure including WAF detection, load balancer identification, SSL/TLS cipher analysis, and certificate chain validation. Essential for security assessments and architecture reviews.
The Challenge
Understanding the full infrastructure stack behind a domain requires multiple tools and significant manual effort. Security architects need to assess WAF protection, identify load balancers, analyze SSL configurations, and validate certificate chains during assessments.
The Solution
Use EdgeDNS to perform comprehensive infrastructure analysis in a single API. Detect WAF vendors, identify load balancers and reverse proxies, analyze SSL/TLS cipher configurations, and validate complete certificate chains.
Endpoints Used
Combine these EdgeDNS endpoints to build this solution.
/v1/domain/wafTry in PlaygroundWAF Detection: Identify Web Application Firewall vendors
/v1/domain/load-balancerTry in PlaygroundLoad Balancer: Detect load balancing technologies
/v1/domain/reverse-proxyTry in PlaygroundReverse Proxy: Identify reverse proxy configurations
/v1/domain/ciphersTry in PlaygroundSSL Ciphers: Analyze supported cipher suites
/v1/domain/cert-chainTry in PlaygroundCert Chain: Validate complete certificate chain
/v1/domain/serverTry in PlaygroundServer Detection: Identify web server software and version
Results You Can Achieve
Stack mapped from public signals in seconds
WAF, load balancer, CDN, TLS, and protocol coverage from a single API call — typical pentest pre-engagement reconnaissance compressed from hours to a request.
Find missing-WAF and weak-TLS gaps
Classify origin protection, cipher-suite strength, and protocol versions against the configurations expected for the apparent industry.
Repeatable infrastructure documentation
Output is a structured snapshot suitable for as-built diagrams or pen-test scope-of-work attachments.
Code Example
Infrastructure deep dive
async function infrastructureDeepDive(domain) {
const headers = { 'Authorization': 'Bearer YOUR_API_KEY' };
const [waf, lb, proxy, ciphers, certChain, server] = await Promise.all([
fetch(`https://api.edgedns.dev/v1/domain/waf?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/domain/load-balancer?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/domain/reverse-proxy?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/domain/ciphers?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/domain/cert-chain?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/domain/server?domain=${domain}`, { headers }),
].map(p => p.then(r => r.json())));
const findings = [];
// Check WAF protection
if (!waf.data.provider_present) {
findings.push({ severity: 'high', finding: 'No WAF protection detected' });
}
// Check for weak ciphers (grades D and F per current 2026 baseline)
const weakCiphers = ciphers.data.reference_ciphers.filter(c => c.grade === 'D' || c.grade === 'F');
if (weakCiphers.length > 0) {
findings.push({ severity: 'medium', finding: `${weakCiphers.length} weak ciphers supported` });
}
// Check cert chain validity
const chainValid = certChain.data.isComplete && certChain.data.hasValidRoot;
if (!chainValid) {
findings.push({ severity: 'high', finding: 'Certificate chain validation failed' });
}
return {
domain,
infrastructure: {
waf: waf.data.primaryProvider,
loadBalancer: lb.data.detected,
reverseProxy: proxy.data.detected,
},
ssl: {
strongCiphers: ciphers.data.reference_ciphers.filter(c => c.grade === 'A' || c.grade === 'B').length,
weakCiphers: weakCiphers.length,
certChainValid: chainValid,
},
findings,
};
}Learn More
Explore industry standards and best practices related to this use case.
Ready to build Infrastructure Deep Dive?
Get started with 200 free API requests per month. No credit card required.