$ pentest_scanner

Passive + light active security checks on a URL you control.

⚠ Only scan systems you own or have written permission to test. Unauthorized scanning may be illegal.

Target URL

ModulesHTTP security headersTLS / certificateTech fingerprint & info disclosureUnprotected admin/dev pathsActive probes (XSS / SQLi / redirect / CORS)JS endpoints & secret leaks

No data is stored. Scans run server-side and results live only in this tab.