FATT

Find All The Things

A high-performance, modular, asynchronous, and distributed security scanning CLI tool designed to rapidly identify sensitive or exposed files and directories across millions of domains.

FATT Security Scanner Mascot - A cartoon crab with a blue hoodie, red claws, and sunglasses surrounded by computer monitors

terminal — fatt --help

$ fatt --help

FATT - Find All The Things v1.0.0

A high-performance security scanning tool

USAGE:

fatt [SUBCOMMAND]

SUBCOMMANDS:

scan Scan domains for sensitive files

rules Manage scanning rules

results Query and export scan results

dns Manage DNS cache

worker Control distributed worker nodes

$ _

Key Features

High Performance

Built in Rust for maximum speed and efficiency, scanning thousands of domains per minute

Asynchronous

Leverages Tokio for concurrent scanning operations, maximizing throughput

Distributed

Scales horizontally across multiple worker nodes for enterprise-level scanning

Modular

Easily extend with custom scanning rules via YAML configuration

Persistent DNS Cache

Dramatically improves scanning speed for repeat operations

Comprehensive Reporting

SQLite storage for efficient result management and analysis

Quick Start

# Install via Cargo
cargo install fatt

# Or build from source
git clone https://github.com/copyleftdev/fatt.git
cd fatt
cargo build --release

Performance Tuning

FATT is designed for high performance but can be further optimized:

-c/--concurrencyIncrease concurrent scanning operations (default: 100)
-b/--batch-sizeAdjust domain batch processing size (default: 1000)
--dns-ttlOptimize DNS cache lifetime in seconds (default: 3600)
--timeoutSet request timeout in milliseconds (default: 5000)