Are the HackerTarget IP tools free to use?

Yes. All 18 tools are free to use via the web forms with no sign-up required. Free users also get API access limited to 50 calls per day. A paid membership removes this limit and unlocks higher daily quotas, unlimited results (free results are capped at 50 lines), and access to 28 additional vulnerability scanners and tools.

What is the API rate limit for HackerTarget?

Free users are limited to 50 API calls per day from a single IP address, with a maximum rate of 2 requests per second. Exceeding the rate limit returns HTTP 429. Members receive a higher daily quota based on their plan. Additional API credits can be purchased: 100,000 credits for $250 USD or 1,000,000 credits for $1,400 USD, which activate automatically once the daily quota is exhausted.

How do I authenticate with the HackerTarget API?

Free access requires no authentication — simply append the target to the q= parameter. Members authenticate using their API key, available in the user dashboard. Authentication supports two methods: (1) Query parameter — append &apikey=YOUR_KEY to the URL, e.g. https://api.hackertarget.com/dnslookup/?q=example.com&apikey=YOUR_KEY. (2) HTTP header — pass X-API-Key: YOUR_KEY in the request header. API key access must use HTTPS.

How do I monitor my API quota usage?

Quota usage is returned in HTTP response headers on every API request. Use curl -i to inspect headers. The x-api-quota header shows your total daily allowance and x-api-count shows how many calls you have made so far today. If you have purchased a credit boost, x-api-boost shows your remaining credit pool.

Do any of the tools send traffic directly to the target?

Many tools are passive, meaning no packets are sent directly to the target IP ranges — DNS lookups, Whois, IP Geolocation, Reverse IP and AS Lookup fall into this category. Tools that do generate traffic — such as Traceroute, Ping, TCP Port Scan, UDP Port Scan and Banner Grabbing — originate from HackerTarget infrastructure, providing an abstraction layer between your IP range and the target. This is useful for Red Team operations and investigations where non-attribution is a priority.

What output formats does the HackerTarget API return?

The default output format is plain text, which is compatible with curl, python, php, and any standard HTTP client. Selected endpoints also support JSON output. All API endpoints follow a consistent format: https://api.hackertarget.com/{tool}/?q={target}

What is the Domain Profiler and how does it differ from the individual tools?

The Domain Profiler automates reconnaissance against a domain name in a single pass, combining DNS lookup, Whois, reverse IP, host search, port scanning and more. Where the individual tools require manual pivoting between results, the Domain Profiler chains these techniques together and presents the results with visual network diagrams showing relationships between domains, subdomains and IP addresses. Results can be exported in multiple formats. It is available to members via a Scan Membership.

Can I integrate HackerTarget tools with other security platforms?

Yes. In addition to the API, HackerTarget provides Maltego transforms for pivot-based investigation workflows, and an official Chrome extension for fast access to IP tools directly in the browser. The API is compatible with any HTTP client including curl, Python requests, and PHP.

IP Tools for Security and Network Testing

DNS & IP Tools provide tactical intelligence to the Security Operation Center (SOC) and Penetration Testers. Use these tools to map the attack surface of a target, identify security weaknesses, and streamline incident response. Quickly collect data on IP Addresses, Networks, Web applications and DNS records.

These information gathering tools serve as tactical reconnaissance tools. Quickly gather relevant information and pivot into deeper enumeration using port scanners, web page analysis and other more aggressive tools.

Automation & Integration: All tools are accessible via the web forms below or through our easy to use API, third party integrations (Splunk, Maltego etc), and the official Chrome extension.

API Documentation Limits & Quotas Chrome Ext FAQ

IP and Network Tools

All tools available via web form and API. No sign-up required for free access.
Click a tool name for detailed notes and example results.

Network tests

MTR Traceroute

Trace path hop-by-hop with latency. Network path analysis and latency troubleshooting.

api.hackertarget.com/mtr/?q={target}

Test Ping

Round-trip time and packet loss. Connectivity testing and availability checks.

api.hackertarget.com/ping/?q={target}

DNS

DNS Lookup

Resolve Standard Records for a Domain (A, MX, NS, TXT). Initial reconnaissance and domain analysis.

api.hackertarget.com/dnslookup/?q={target}

Reverse DNS

Reverse lookup an IP or IP range. Infrastructure correlation and threat actor profiling.

api.hackertarget.com/reversedns/?q={target}

Host Search

Discover subdomains and A records. Subdomain enumeration and attack surface mapping.

api.hackertarget.com/hostsearch/?q={target}

Zone Transfer

Test for DNS AXFR leaks. Identify DNS misconfigurations and data exposure.

api.hackertarget.com/zonetransfer/?q={target}

Whois Lookup

Registrant and ASN details. Ownership identification and domain history.

api.hackertarget.com/whois/?q={target}

IP Address

IP Geolocation

Country, City and ISP data. Geographic attribution and infrastructure mapping.

api.hackertarget.com/geoip/?q={target}

Reverse IP

Find hostnames on the same IP. Find domains sharing the same hosting infrastructure.

api.hackertarget.com/reverseiplookup/?q={target}

TCP Port Scan

Scan common TCP ports. Attack surface enumeration and firewall analysis.

api.hackertarget.com/nmap/?q={target}

UDP Port Scan

Scan common UDP ports. UDP service discovery and exposure analysis.

api.hackertarget.com/nmap/?q={target}&udp=1

Subnet Lookup

Calculate network ranges and CIDR. Network range calculation and CIDR analysis.

api.hackertarget.com/subnetcalc/?q={target}

AS Lookup

ASN, Owner, and IP range lookup. Autonomous system identification and BGP analysis.

api.hackertarget.com/aslookup/?q={target}

Banner Search

Service version fingerprinting. Service fingerprinting and version detection.

api.hackertarget.com/bannerlookup/?q={target}

Web Tools

HTTP Headers

Server and security header audit. Web application fingerprinting and security header audit.

api.hackertarget.com/httpheaders/?q={target}

Page Links

Extract all links from a URL. Link discovery and web crawl preparation.

api.hackertarget.com/pagelinks/?q={target}

Many of these tools are passive, meaning no packets are sent directly to the target IP ranges. For tools that do generate traffic, scanning from our infrastructure provides an abstraction layer between your own IP range and the target. This is particularly useful for investigations or Red Team operations where non-attribution is a priority.

To ensure service availability and minimize abuse, the following limits apply to the Free tier:

Web Access: Ad-hoc queries via the individual tool forms.
API Access: Rate-limited automation for rapid reconnaissance.
Quotas: Free users are limited a maximum of 50 API calls per day (depending on the tool).

IP Tools API Documentation

The HackerTarget API streamlines access to network intelligence for security evaluation. All tools listed in the table above are accessible using your client of choice such as curl, a web browser or a scripting language (php, python).

Quick Start (No Auth)

Free access requires no sign-up or API key. Simply append the target IP or hostname to the q= parameter.

Output Formats: Plain Text (Default) or JSON (selected endpoints).
Clients: Compatible with curl, python, php, or any standard HTTP client.

Member Authentication

Members get full access to the API endpoints. Find your API key in the user dashboard. Access with the API key must use HTTPS.
Authentication can be handled via two methods:

Query Parameter:
Append the key directly to the URL string using the &apikey= parameter:
https://api.hackertarget.com/dnslookup/?q=example.com&apikey=YOUR_KEY

HTTP Header:
Pass the key in the request header using X-API-Key:
X-API-Key: YOUR_KEY

Example requests

Use these standard curl patterns to integrate the tools into your workflow:

curl "https://api.hackertarget.com/dnslookup/?q=hackertarget.com&apikey=plmoknijbuhvygvtrgedsfghhhhkjhkhfsk"

curl -H "X-API-Key: zzzzzzaaaaaaaa" "https://api.hackertarget.com/whois/?q=hackertarget.com"

Example: Examining Headers

test@thematrix:~$ curl -i https://api.hackertarget.com/geoip/?q=1.1.1.1
HTTP/2 200
server: nginx
date: Thu, 19 Feb 2026 01:17:26 GMT
content-type: text/plain; charset=utf-8
content-length: 78
x-api-quota: 51
x-api-count: 8 
x-api-boost: 100 000
access-control-allow-origin:*

IP Address: 1.1.1.1
Country: Australia
Latitude: -33.494
Longitude: 143.2104

Automate reconnaissance with Domain Profiler

Run all of these tools against a target domain in a single pass. Domain Profiler chains DNS, Whois, reverse IP, port scanning and more into one automated report.
Useful when you need a full picture of an organisation's Internet-facing infrastructure quickly.

View Domain Profiler

Service Limits & Quota Monitoring

The current users API quota and usage can both be monitored by examining the HTTP Headers of the response from the API endpoint. The curl -i command will display the HTTP Headers as part of the output. The x-api-quota reports on the current users API quota and the x-api-count shows the current API usage count for the day.

To ensure reliability and prevent abuse, the following constraints apply to all API requests.

Rate Limits & Headers

Free daily cap: 50 calls per day
Rate limit: 2 req/s — breach returns HTTP 429
Caching: Some endpoints — see ToS
x-api-quota: Total daily allowance
x-api-count: Calls used today
x-api-boost: Purchased credits remaining

Boost API Credits

Available now for all Members. Credits activate automatically once your daily quota is exhausted. Membership allowance always applies first.

Starter

100,000 credits

USD$250

$0.0025/credit

Pro BEST VALUE

1,000,000 credits

USD$1,400

$0.0014 ?44%

Contact Sales to Order

hackertarget.com/ip-tools/

Chrome Extension for Fast Access to IP Tools

Instant intelligence, without leaving your tab.

DNS, Whois, IP Geolocation, Port Scan and more. One click away directly in Chrome.

Download from Chrome Store

Frequently Asked Questions

Common questions about the tools, API limits and membership.

Yes. All 18 tools are free via the web forms with no sign-up required. Free users get API access limited to 50 calls per day from a single IP. Membership removes this limit, unlocks higher quotas, unlimited results (free capped at 500 lines), and 28 additional vulnerability scanners.

Free users: 50 calls/day, max 2 req/s. Exceeding returns HTTP 429. Members get higher quotas. Additional credits: 100,000 for $250 USD or 1,000,000 for $1,400 USD — activating automatically once the daily quota is exhausted.

Free access needs no authentication. Members use their API key from the user dashboard via query parameter (&apikey=YOUR_KEY) or HTTP header (X-API-Key: YOUR_KEY). Must use HTTPS.

Every API response includes usage headers. Use curl -i to inspect. x-api-quota shows your daily allowance, x-api-count shows calls made today, x-api-boost shows remaining purchased credits.

Many are passive. DNS Lookup, Whois, IP Geolocation, Reverse IP and AS Lookup send no packets to the target. Active tools including Traceroute, Ping, TCP/UDP Port Scan and Banner Grabbing originate from HackerTarget infrastructure, providing an abstraction layer useful for non-attribution operations.

Plain text by default, compatible with curl, Python, PHP, or any HTTP client. Selected endpoints also support JSON. All follow the pattern: https://api.hackertarget.com/{tool}/?q={target}

Click any tool name in the table above. Each individual tool page includes example output.

The Domain Profiler automates reconnaissance in a single pass incl DNS, Whois, reverse IP, port scanning and more, with visual network diagrams showing domain, subdomain and IP relationships. Individual tools require manual pivoting. Available to members.

Yes. HackerTarget provides third party integrations (Splunk, Maltego etc) for pivot-based workflows and an official Chrome extension for in-browser access. The API works with any HTTP client including curl, Python requests and PHP.

Next Level Your Technical Network Intelligence

Get Access Now

2.75 Billion Host A records
2.1 Billion Network Service Banners
2 Million Vulnerability Scans performed per year

Network

Web

CMS Apps

Recon

Network Tests

DNS Queries

IP Address

Web Tools

Blog

Most Popular

IP Tools

IP and Network Tools

IP Tools API Documentation

Quick Start (No Auth)

Member Authentication

Example requests

Service Limits & Quota Monitoring

Chrome Extension for Fast Access to IP Tools

Frequently Asked Questions

Are the tools free to use?

What is the API rate limit?

How do I authenticate with the API?

How do I monitor my quota usage?

Do any tools send traffic to the target?

What format does the API return?

Where can I see example results for each tool?

What is the Domain Profiler and how does it differ from the individual tools?

Can I integrate with other security platforms?

Next Level Your Technical Network Intelligence