Automated security testing for developers.

Defenty orchestrates nuclei, ffuf, katana, and 17 professional tools against your domain — automatically. Exposed secrets, open ports, CVEs, misconfigurations. Results in minutes.

No signup required · Real vulnerabilities in minutes · Free scan available
Built for: Next.js · Supabase · Firebase · Vercel · AWS · Netlify
Process

From domain to security report in minutes

A coordinated pipeline — each phase feeds the next.

01

Enter your domain

No agents, no plugins, no account required. Just your domain and the email to receive your report.

02

Attack surface mapping

subfinder, katana, and nmap enumerate subdomains, open ports, live endpoints, and technology stack across your entire domain.

03

Active security probing

Tools run against every entry point:

  • nuclei fires 3,800+ vulnerability templates
  • ffuf fuzzes directories and sensitive paths
  • 10 specialized modules: secrets, DNS, JS deep analysis, cloud exposure, attack chains
  • Dev Checks test rate limiting, CAPTCHA, admin panels
  • testssl audits TLS configuration and known weaknesses

04

Prioritized findings

Your report includes:

  • Security score (0–100) with exploitability rating
  • Correlated attack chains — see how vulnerabilities combine
  • Fix snippets with real code for your stack

Export as PDF, JSON, or HTML.

Scan time: ~5 min (free scan) to ~60 min (full recon), depending on domain complexity.

Coverage

Complete security coverage

Six automated stages map the entire attack surface of your domain. Coverage depth varies by plan.

Pipeline 1 / 6

Discovery

Initial mapping of infrastructure and digital presence.

  • technology stack detection
  • hosting and infrastructure identification
  • subdomain enumeration
  • DNS intelligence: DNSSEC, NS/MX analysis, zone transfer attempts
httpx — asset discovery
HOST                  STATUS  TECH
api.example.com       200     Node.js
admin.example.com     403     Next.js
staging.example.com   200     React
mail.example.com              Postfix
cdn.example.com       200     Cloudflare
dev.example.com       200     Vite
[+] 6 hosts · subfinder + dnsx + httpx

Pipeline 2 / 6

Infrastructure & Ports

Everything exposed in your infrastructure — services, ports, and configurations.

  • full port and exposed service scan (Infrawatch+, up to 65,535 on DeepRecon)
  • detection of sensitive services: Redis, MongoDB, Elasticsearch, Docker API
  • security header and TLS/SSL configuration audit
  • technology and service version fingerprinting
  • email security verification (SPF, DMARC and DKIM)
TLS: B
Security Headers: 2/6 ok (CSP · HSTS · X-Frame · X-Content · Referrer · Permissions)

Open Ports: 5 services exposed

:80    HTTP
:443   HTTPS
:22    SSH
:8080  Dev HTTP
:3306  MySQL

Pipeline 3 / 6

Secrets & Credentials

We track credentials and sensitive keys that may be exposed without your knowledge.

  • secret detection in frontend JavaScript files (20+ credential providers)
  • identification of AWS, Stripe, Firebase, GitHub, OpenAI, Anthropic, and other API keys
  • Firebase and Supabase RLS testing — available on paid plans (up to 30 tables on DeepRecon)
  • deep JS analysis: DOM XSS sinks, postMessage misuse, prototype pollution
trufflehog + gitleaks — secret scan
Secrets found: 3
AWS_ACCESS_KEY_ID    EXPOSED   AWS Key · bundle.js
STRIPE_SECRET_KEY    EXPOSED   Stripe key · app.js
FIREBASE_API_KEY     EXPOSED   Firebase API Key · config.js
[+] 3 secrets · 2 sources scanned

Pipeline 4 / 6

Dev Security Checks

Security maturity checks for modern web applications.

  • brute force and login abuse protection
  • CAPTCHA and rate limiting detection
  • cookie flags and CSP policy analysis
  • stack-specific probes: Next.js data leaks, WordPress xmlrpc, Supabase misconfigs
  • sensitive file detection (.env, backups, configs)

Dev Security Checks: 4 failed, 2 passed

Rate limiting on login          fail
CAPTCHA on login form           fail
Admin panel exposed (/admin)    fail
.env file accessible            fail
Cookie security flags           pass
SRI on external scripts         pass

Pipeline 5 / 6

Vulnerability Detection

Automated search for known vulnerabilities and common flaws.

  • 3,800+ automated security checks
  • CVE detection in frameworks and plugins
  • attack chain correlation — multi-step exploit paths detected (WebSecurity+)
  • cloud exposure: S3 buckets, Azure Blob, GCP Storage, Firebase RTDB (Infrawatch+)
  • response intelligence: cache poisoning, CRLF injection, header leaks
Findings by severity: 22 total
CRITICAL 2 · HIGH 3 · MEDIUM 5 · LOW 4 · INFO 8

Top findings
CRITICAL   .env file accessible at /.env
CRITICAL   MySQL (3306) exposed on internet
HIGH       API key exposed in JavaScript

Pipeline 6 / 6

Complete Report

All findings consolidated into a clear and actionable report.

  • security score (0–100) with trend analysis across scans
  • exploitability score — real risk level for your business
  • executive report with findings prioritised by impact
  • remediation snippets with real code for your framework
  • attack chain narrative — step-by-step how an attacker would proceed (WebSecurity+)
  • export in JSON, HTML, or PDF
Grade D

Action Plan

Fix immediately — 2 issues
This week — 3 issues
When possible — 5 issues

Export Report

JSON · HTML · PDF (paid plans)
Report

Complete report. Real risks.

See how Defenty presents the risks found in your domain.

defenty.com/report/example.com (preview)
Tabs: Report · Vulnerabilities · Compliance & Defenses · Attack Surface · History

Score 31/100 · Grade D · Exploitability: HIGH · ↓ 12 pts vs last scan
CRITICAL 2 · HIGH 3 · MEDIUM 4 · LOW 1 · INFO 8

Attack surface: 12 subdomains · 4 login pages · 162 endpoints · 3 technologies

Top findings

critical · .env file publicly exposed at /.env (+18 pts)

DATABASE_URL=postgres://admin:p4ss@db.internal/prod · SECRET_KEY=sk_live_...

Risk context

File contains DATABASE_URL, SECRET_KEY and API tokens — direct access to the database.

critical · Exposed administrative subdomains found (+15 pts)

api.example.com · admin.example.com · staging.example.com

high · API key exposed in JavaScript bundle (+10 pts)

AIzaSyD_Key45afea534••••••4fefe · main.chunk.js:2847

high · Login endpoint with no rate limiting — brute force possible (+9 pts)

POST /api/login · POST /api/auth/token · no CAPTCHA, no blocking

medium · Content-Security-Policy missing (+5 pts)

Attack Chain

CRITICAL PATH
1. .env exposed at /.env
2. DB credentials leaked
3. Direct database access

Remediation

Next.js
// next.config.js
// headers() must be an async method on the exported config object;
// the rule below applies both headers to every route.
module.exports = {
  async headers() {
    return [{
      source: '/(.*)',
      headers: [
        { key: 'Strict-Transport-Security',
          value: 'max-age=63072000' },
        { key: 'Content-Security-Policy',
          value: "default-src 'self'" },
      ],
    }];
  },
};
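An added example (not Defenty's code) of how a developer can grade a response's security headers the way the report's "Security Headers 2/6 ok" panel does, to verify a header fix locally before paying for a rescan. The header set and the minimum-value rules (HSTS max-age of at least a year, a CSP with default-src, and so on) are my assumptions, as is the constructed sample response.

```javascript
// Added example, not Defenty's code: grade a response's security headers the
// way the report's "Security Headers 2/6 ok" panel does, so a fix can be
// verified locally before a rescan. Header names and the minimum-value rules
// (HSTS max-age >= 1 year, CSP with default-src, etc.) are my assumptions.

const CHECKS = [
  ['strict-transport-security', (v) => {
    const m = /max-age=(\d+)/i.exec(v);           // require at least one year
    return m !== null && Number(m[1]) >= 31536000;
  }],
  ['content-security-policy', (v) => /default-src/i.test(v)],
  ['x-frame-options', (v) => /^(DENY|SAMEORIGIN)$/i.test(v.trim())],
  ['x-content-type-options', (v) => v.trim().toLowerCase() === 'nosniff'],
  ['referrer-policy', (v) => v.trim().length > 0],
  ['permissions-policy', (v) => v.trim().length > 0],
];

// headers: a plain object with any name casing, or a fetch() Headers instance.
function auditSecurityHeaders(headers) {
  const lookup = typeof headers.get === 'function'
    ? (name) => headers.get(name)
    : (name) => {
        const hit = Object.entries(headers).find(([k]) => k.toLowerCase() === name);
        return hit ? hit[1] : null;
      };
  const failed = [];
  for (const [name, valid] of CHECKS) {
    const value = lookup(name);
    if (value === null || value === undefined || !valid(String(value))) failed.push(name);
  }
  return { ok: CHECKS.length - failed.length, total: CHECKS.length, failed };
}

// Live check against your own domain (Node 18+ has a global fetch).
async function auditUrl(url) {
  const res = await fetch(url, { redirect: 'follow' });
  return auditSecurityHeaders(res.headers);
}

// Constructed sample mirroring the report preview: only HSTS and CSP are set,
// so the audit reports 2/6 ok with the other four headers failed.
const SAMPLE_RESPONSE_HEADERS = {
  'Strict-Transport-Security': 'max-age=63072000',
  'Content-Security-Policy': "default-src 'self'",
  'Content-Type': 'text/html; charset=utf-8',
};

const result = auditSecurityHeaders(SAMPLE_RESPONSE_HEADERS);
console.log(`Security Headers ${result.ok}/${result.total} ok; failed: ${result.failed.join(', ')}`);
```

Call `auditUrl('https://your-domain.example')` to run the same grading against a live response; a header that is present but too weak (an HSTS max-age of a few minutes, a CSP without default-src) counts as failed.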

Security Headers

HSTS
CSP
X-Frame
X-Content
Referrer
Permissions

SSL / TLS

Certificate validity: 287d
TLS 1.3
TLS 1.2
TLS 1.0 (legacy ⚠)
WAF: Not detected

Email Security

SPF
DMARC
DKIM
Illustrative preview — your real report will reflect your domain, with export in JSON, HTML and PDF.
Pricing

Choose a plan based on what you need to cover.


QuickScan

Free

  • Security score
  • Top vulnerabilities
  • TLS analysis
Most popular

WebSecurity

$27

  • Stack-specific security probes
  • Correlated attack chains
  • Login security & secrets detection

InfraWatch

$47

  • Deep JS analysis (DOM XSS · postMessage)
  • Cloud exposure (S3 · Azure · GCP · Firebase)
  • Full port scan + service detection

DeepRecon

$75

  • Deep session & auth testing
  • OSINT (breaches · GitHub dorks · pastes)
  • Advanced vulnerability scan

QuickScan

Free

Fast attack surface scan

  • Security score
  • Top vulnerabilities
  • TLS analysis
  • Security headers
  • DNS analysis (DNSSEC · NS · MX)

Without this scan, you're exposed to:

  • Sensitive data exposed publicly
  • Missing headers — direct GDPR violation
  • Expired SSL blocks users and tanks SEO
  • Forgotten subdomains accessible by anyone
  • Reputation damage with clients and partners

WebSecurity

$27

Web application security analysis

1 rescan included

  • Stack-specific security probes
  • Correlated attack chains
  • Login security & secrets detection
  • Fix snippets with real code
  • Executive AI report + trend analysis

Without this scan, you're exposed to:

  • API credentials exposed in public JS files
  • Without attack chains, you won't see how vulnerabilities combine
  • Without stack-specific probes, Next.js / Supabase-specific flaws go undetected
  • Subdomain takeover by attackers
  • GDPR fine: up to €20M per incident
  • Mandatory breach notification to regulators

Re-scan the same domain within 30 days of the initial scan — ideal to validate the fixes you applied.

InfraWatch

$47

Exposed infrastructure analysis

1 rescan included

  • Deep JS analysis (DOM XSS · postMessage)
  • Cloud exposure (S3 · Azure · GCP · Firebase)
  • Full port scan + service detection
  • Advanced DNS intelligence

Without this scan, you're exposed to:

  • Database directly exposed to the internet
  • DOM XSS sinks and postMessage vulnerabilities undetected
  • S3 / Azure / GCP buckets publicly writable
  • Silent compromise with no alerts triggered
  • Civil liability for proven security failures

Re-scan the same domain within 30 days of the initial scan — ideal to validate the fixes you applied.

DeepRecon

$75

Complete offensive security analysis

1 rescan included

  • Deep session & auth testing
  • OSINT (breaches · GitHub dorks · pastes)
  • Advanced vulnerability scan
  • AI Attack Scenario (exclusive)

Without this scan, you're exposed to:

  • Session fixation and IDOR vulnerabilities undetected
  • Leaked credentials on breaches enable account takeover
  • Full production environment compromise
  • Mandatory breach reporting to regulators (GDPR art. 33)
  • Fine up to 2% of annual global revenue
  • Irreversible reputational damage and lost contracts

Re-scan the same domain within 30 days of the initial scan — ideal to validate the fixes you applied.

Features compared across plans:

  • Security Score
  • Technology detection
  • Security headers
  • SSL/TLS analysis
  • Subdomain enumeration
  • DNS analysis (DNSSEC · NS · MX)
  • Developer security checks
  • JavaScript secrets detection
  • Login security checks
  • WAF detection
  • Email security (SPF · DMARC · DKIM)
  • Historical URLs
  • XSS scanning
  • Stack-specific security probes
  • API endpoint fuzzing
  • Correlated attack chains

One-time payment, no subscription. All plans include email report and AI analysis.

Get started

Run your first scan now

No agents. No signup. Just your domain.

Free scan covers SSL, DNS analysis, security headers, subdomains, and critical vulnerabilities — in under 5 minutes. Paid plans add attack chain correlation and stack-specific remediation.

No account required · Results in minutes · Free scan to full recon