# arcline-audit

One-command site health auditor. Checks SSL, HTTP security headers, DNS records, redirect chains, and basic infrastructure info for any domain.

Useful for onboarding new clients and producing a quick written report before an engagement starts.

## Status

Planned. Not yet started.

## Stack

- Go — single static binary, no runtime dependencies
- Reuses internal packages from `arcline-check` (ASN/CDN detection)

## Usage

```sh
arcline-audit example.com
arcline-audit example.com --checks ssl,dns,headers
arcline-audit example.com --json
arcline-audit example.com --out report.txt
```

## Checks

| Group | What it checks |
|---|---|
| SSL/TLS | Validity, expiry, chain, TLS version, cipher warnings |
| HTTP | Redirect chain, security headers, server disclosure, response time |
| DNS | A/AAAA, MX, SPF, DKIM, DMARC, DNSSEC, rDNS match |
| Infrastructure | ASN/org, CDN detection, common open ports |

See [todo.md](todo.md) for the full task list and output format spec.

## License

MIT — see [LICENSE](LICENSE).