ScanexAI

HOW IT WORKS

From URL to full breach report in 10 automated steps.

No manual configuration. No false-positive tuning. Paste a URL and the platform handles everything - crawling, detection, graph assembly, AI analysis, and report generation.

01  Enter Your Target URL

Paste the URL of any website you own or have written permission to test. The platform accepts any publicly reachable web application.

  • Works with single-page apps, multi-page sites, and APIs
  • Supports authenticated scans via session cookie injection
  • Validates the URL format before launching the crawler

02  Automated Web Crawling

A headless Chromium browser navigates the entire site the way a real user would - clicking links, submitting forms, following redirects.

  • Discovers pages, API endpoints, login flows, and file uploads
  • Extracts URL parameters, form fields, and authentication flows
  • Handles JavaScript-heavy SPAs that static crawlers miss

03  Vulnerability Detection

40+ rule-based detectors analyse every page, parameter, header, cookie, and source file for common web vulnerabilities - without sending a single malicious payload.

  • IDOR, XSS, Open Redirect, Sensitive Parameters, API Exposure
  • Brute Force & Rate Limiting - detects unprotected login endpoints
  • Cookie Security - flags missing HttpOnly, Secure, SameSite flags
  • CORS Misconfiguration, Clickjacking, SSL/TLS, Missing Headers
  • Directory Exposure - probes 30+ sensitive paths (/admin, /.env, /backup…)
  • Exposed Secrets - scans source for API keys, tokens, private keys
  • Subdomain Enumeration & Takeover detection
  • Prompt Injection - detects unguarded LLM input endpoints
  • Jailbreak Threats - flags AI endpoints missing auth guardrails
  • Output Data Leakage - scans AI responses for PII and system prompt leaks
  • Hazardous AI APIs - identifies public /generate, /chat, /completions endpoints
  • Unmonitored Retraining - detects exposed /train and /fine-tune endpoints
  • Default Credentials - tests login endpoints with common admin/admin combos
  • Open Port Exposure - scans for exposed database and service ports
  • Missing DMARC/SPF - checks email spoofing protection on the domain

04  Risk Scoring

Each vulnerability is assigned a CVSS-based severity (Critical / High / Medium / Low) and contributes to an overall risk score out of 100.

  • Weighted by severity: Critical counts 4×, High 2×, Medium 1×
  • Overall risk capped at 100 and colour-coded (red → green)
  • Breakdown by category shown in the risk panel
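The weighting and cap described above, worked through as an added example (this is not ScanexAI's code). The page gives the 4x / 2x / 1x weights and the cap of 100; the base unit of 5 points per Medium finding and a weight of 0 for Low are assumptions made here, and the findings are constructed.

```python
from collections import defaultdict

# Severity weights as stated on the page. Low is not given a weight there;
# treating it as 0 is an assumption made for this example.
SEVERITY_WEIGHTS = {"Critical": 4, "High": 2, "Medium": 1, "Low": 0}
# The page does not say how many points a 1x weight is worth; 5 points per
# Medium finding is an assumed base unit (so Critical = 20, High = 10).
POINTS_PER_UNIT = 5
MAX_SCORE = 100

# Constructed sample findings; not output from any real scan.
SAMPLE_FINDINGS = [
    {"type": "IDOR", "severity": "Critical", "category": "Access Control"},
    {"type": "Exposed Secrets", "severity": "Critical", "category": "Secrets"},
    {"type": "Default Credentials", "severity": "Critical", "category": "Authentication"},
    {"type": "XSS", "severity": "High", "category": "Injection"},
    {"type": "Open Redirect", "severity": "High", "category": "Injection"},
    {"type": "Cookie Security", "severity": "Medium", "category": "Session"},
    {"type": "Missing Headers", "severity": "Medium", "category": "Headers"},
    {"type": "Clickjacking", "severity": "Medium", "category": "Headers"},
    {"type": "Missing DMARC/SPF", "severity": "Medium", "category": "Email"},
    {"type": "SSL/TLS", "severity": "Medium", "category": "Transport"},
    {"type": "CORS Misconfiguration", "severity": "Low", "category": "Headers"},
]


def finding_points(finding):
    """Points contributed by one finding; an unknown severity raises KeyError."""
    return SEVERITY_WEIGHTS[finding["severity"]] * POINTS_PER_UNIT


def raw_risk(findings):
    """Uncapped weighted sum, which shows how far past 100 a site really is."""
    return sum(finding_points(f) for f in findings)


def risk_score(findings):
    """Overall risk out of 100: the weighted sum capped at MAX_SCORE."""
    return min(raw_risk(findings), MAX_SCORE)


def category_breakdown(findings):
    """Points per category for the risk panel, highest category first."""
    totals = defaultdict(int)
    for f in findings:
        totals[f["category"]] += finding_points(f)
    return dict(sorted(totals.items(), key=lambda kv: -kv[1]))


if __name__ == "__main__":
    print("raw:", raw_risk(SAMPLE_FINDINGS), "capped:", risk_score(SAMPLE_FINDINGS))
    for category, points in category_breakdown(SAMPLE_FINDINGS).items():
        print(f"  {category:16} {points:3}")
```

The cap hides the difference between a site scoring 105 and one scoring 300, so the uncapped sum and the per-category breakdown are what to watch when prioritising remediation.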

05  Attack Chain Assembly

14 pre-built exploit chain templates map detected vulnerabilities to realistic attacker journeys - from initial entry point to crown jewel impact.

  • Templates: Full Account Takeover, Data Exfiltration, XSS Session Hijack, Admin Takeover, Phishing via Open Redirect, Clickjacking + XSS, Secrets Exfiltration, CORS Data Theft, Cookie Theft, Directory Traversal, Insecure Cache Replay, Subdomain Hijack, Default Credentials Takeover, AI Prompt Injection Chain
  • Chains are only generated when matching vulnerabilities are found
  • Each chain includes severity, risk score, and step-by-step path

06  Attack Graph Visualisation

The graph engine renders the attack chains as an interactive node-link diagram - showing exactly how weaknesses connect into breach routes.

  • Nodes represent attack steps; edges show the attacker's movement
  • Colour-coded by step type: entry (indigo), pivot (orange), impact (red), asset (gold)
  • Click any chain in the sidebar to highlight the corresponding path

07  AI Breach Narrative

Llama 3 (via Groq) reads the scan results and writes a plain-English story describing exactly how an attacker would exploit the findings.

  • Generated on demand after a scan completes
  • Explains the attack in non-technical language for executive audiences
  • Highlights the most dangerous chain and its business impact

08  PDF Report Download

A DomPDF-rendered PDF packages findings, risk scores, and step-by-step remediation into an audit-ready document in seconds.

  • One-click download from the dashboard or scan detail page
  • Includes all findings, CVSS scores, affected URLs, and descriptions
  • Formatted for sharing with stakeholders and compliance teams

09  Scan Comparison

Compare any two completed scans of the same domain side-by-side to track your security progress over time.

  • Three-column diff: New Issues / Unchanged / Resolved
  • Risk score delta badge shows improvement or regression at a glance
  • Dropdown to select which historical scan to compare against
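The three-column diff and delta badge described above, as an added example that is not ScanexAI's own code. It assumes a finding is identified by its type plus a normalised URL (host case, fragments and trailing slashes are ignored so the same issue is not reported as both "resolved" and "new" between scans); the two scans are constructed.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed sample scans of the same domain; not real scanner output.
PREVIOUS_SCAN = [
    {"type": "IDOR", "url": "https://Example.test/api/orders?id=5", "severity": "Critical"},
    {"type": "Cookie Security", "url": "https://example.test/login/", "severity": "Medium"},
    {"type": "Missing Headers", "url": "https://example.test/", "severity": "Medium"},
]
CURRENT_SCAN = [
    {"type": "IDOR", "url": "https://example.test/api/orders?id=5#x", "severity": "Critical"},
    {"type": "Cookie Security", "url": "https://example.test/login", "severity": "Medium"},
    {"type": "Open Redirect", "url": "https://example.test/go?next=/", "severity": "High"},
]


def normalise_url(url):
    """Make equivalent URLs compare equal: lowercase host, drop the fragment,
    drop a trailing slash. The query string is kept because it names the
    parameter the finding is about."""
    parts = urlsplit(url)
    path = parts.path.rstrip("/") or "/"
    return urlunsplit((parts.scheme.lower(), parts.netloc.lower(), path, parts.query, ""))


def finding_key(finding):
    """Identity of a finding across scans: what was found and where."""
    return (finding["type"], normalise_url(finding["url"]))


def compare_scans(previous, current):
    """Three-column diff: New Issues / Unchanged / Resolved."""
    prev = {finding_key(f): f for f in previous}
    curr = {finding_key(f): f for f in current}
    return {
        "new": [f for k, f in curr.items() if k not in prev],
        "unchanged": [f for k, f in curr.items() if k in prev],
        "resolved": [f for k, f in prev.items() if k not in curr],
    }


def delta_badge(previous_score, current_score):
    """Risk score delta and its badge label; a negative delta is an improvement."""
    delta = current_score - previous_score
    label = "improvement" if delta < 0 else "regression" if delta > 0 else "no change"
    return delta, label


if __name__ == "__main__":
    for column, findings in compare_scans(PREVIOUS_SCAN, CURRENT_SCAN).items():
        print(column, [f["type"] for f in findings])
    print(delta_badge(60, 45))
```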

10  Vulnerability Notes

Annotate individual findings with analyst status tags and free-text comments - without leaving the scan report.

  • Status options: Accepted Risk / False Positive / In Progress / Fixed
  • Notes save instantly via AJAX - no page reload
  • Yellow star indicator shows annotated findings at a glance

FAQ

Common questions

Yes - the scanner uses passive detection techniques. It does not inject payloads, modify data, or send malicious requests. It analyses what it observes during normal navigation.

Most scans complete in under 2 minutes. Larger sites with many pages and API endpoints may take slightly longer.

Just a free account and a URL you own or have permission to test. No software to install, no API keys required for basic scanning.

No. This platform is for authorised security testing only. Scanning systems without written permission is illegal in most jurisdictions.

Free accounts can run 1 scan. Upgrade to Pro for unlimited scans and priority processing.

After a scan, the vulnerability data and attack chains are processed by an AI model that writes a contextual breach story tailored to your specific findings.

See it in action

Run a free scan on your own site and get results in under 2 minutes.
