wtfis: Passive FQDN and Domain Lookup Tool

2 min readAug 13, 2022


I wrote a nifty Python commandline tool for looking up FQDNs and domains using various OSINT sources. It’s definitely useful to me, but I hope it is too to security researchers, incident responders and the like. Check out the project page here:

It’s available in Pypi, so installation is as easy as

$ pip install wtfis

I wrote this because I wanted a faster way to gather information on a hostname or domain. Most of the time, it is the same set of data that I look for, but spread out across different websites.

Instead of numerous keystrokes and mouse clicks, I can simply run a command and get the essential details:

It’s also designed to be easy on the eyes, with text that is organized and color-coded. (I am not a UX designer but I hope I’ve provided just enough niceness to satisfy most users.)

It uses Virustotal, Passivetotal and IPWhois as data sources. A future version will also use Shodan for additional IP enrichment.

Interested? Head to the project page for setup and usage instructions!

Originally published at on August 13, 2022.




Security engineer when not distracted by other things