⬡ OPEN SOURCE · NETWORK INTELLIGENCE DSL · v1.1.0

FORTRESS

OSINT · RECON · INTELLIGENCE · SECURITY

A purpose-built scripting language for network reconnaissance and threat intelligence. Write expressive scripts, ship them as standalone executables.

DOWNLOAD FOR WINDOWS fortress-windows-amd64.exe · v1.1.0

Detected: Windows x64

LINUX / MACOS SOURCE CODE

fortress — recon.frt

❯ fortress run recon.frt

┌──────────────────────────────────────┐

│ DOMAIN PROFILE — github.com │

└──────────────────────────────────────┘

A Record : 140.82.114.4

Registrar : MarkMonitor Inc.

Country : United States

ISP : GitHub, Inc.

TLS Days Left : 287 days

Risk Score : 0/100 — MINIMAL

[+] SPF record present

[+] DMARC record present

[+] Certificate is valid

❯

// 01 CAPABILITIES

BUILT FOR INTELLIGENCE

Every keyword, every builtin, every output format designed specifically for network reconnaissance and threat analysis.

DNS INTELLIGENCE

Full A, AAAA, MX, NS, TXT, CNAME resolution. Brute-force subdomain discovery. Zone transfer detection.

PORT SCANNING

TCP port scanning with service fingerprinting and banner grabbing. Custom port lists and adjustable timeouts.

TLS INSPECTION

Certificate details, expiry monitoring, full chain validation, SAN enumeration, and SSL grade checking.

GEOLOCATION & ASN

IP geolocation with city, country, ISP, and coordinates. ASN lookup with BGP prefix and abuse reputation.

EMAIL INTELLIGENCE

Syntax validation, disposable provider detection, MX analysis, breach search, and corporate classification.

BUILD TO EXE

Compile any .frt script into a self-contained executable. Runs on any machine — no Fortress installation needed.

// 02 LANGUAGE

CLEAN SYNTAX

Keywords designed for security workflows. Reads like intent, not boilerplate.

          domain-recon.frt
          .FRT
        
// Prompt for target domain
capture("Target domain: ") -> target

let dns  = resolve(target)
let cert = certinfo(target)
let geo  = geolocate(dns.ips[0])

compute("Host    : " -> dns.host)
compute("IP      : " -> dns.ips[0])
compute("Country : " -> geo.country)
compute("TLS     : " -> str(cert.days_left) -> " days")

each mx in dns.mx {
    compute("MX: " -> mx)
}

          port-watcher.frt
          .FRT
        
let danger = {
    "22": "SSH", "80": "HTTP",
    "3306": "MySQL", "6379": "Redis"
}

capture("Target: ") -> host
let scan = portscan(host)

each p in scan.ports {
    if p.state != "open" { continue }
    if haskey(danger, str(p.port)) {
        compute("[!] EXPOSED: " -> p.port)
    }
}

          cert-monitor.frt
          .FRT
        
let domains = [
    "example.com",
    "api.example.com",
    "admin.example.com"
]

each domain in domains {
    let cert = certinfo(domain)

    if cert.days_left < 14 {
        compute("[!] EXPIRING: " -> domain
            -> " (" -> str(cert.days_left) -> " days)")
    } else {
        compute("[+] OK: " -> domain)
    }
}

report "certs" as "json" {
    checked_at: now(),
    total: len(domains)
}

          build + ship
          SHELL
        
# Run a script
$ fortress run recon.frt

# Build into a standalone exe
$ fortress build scanner.exe recon.frt

# Run the built exe anywhere —
# no Fortress installation needed
$ ./scanner.exe

# Install a library
$ fortress get file=coffee-1.0.0.frtpkg

# Use in scripts
import coffee
coffee.fullReport("target.com")