Exposure intelligence

Know what your public web assets expose, and what to fix first.

Run a read-only scan for TLS, headers, DNS, and visible infrastructure. Sign in to turn the snapshot into verified assets, exposure history, and monitoring.

Scope

Public web assets

Input

One domain

Output

Ranked findings

See the public exposure your site presents right now.

Enter a public domain. Get a fast result, then decide whether to track it in the workspace.

No login needed. Public domains only. One scan per IP per hour.

Result format

38 High Risk
01 Weighted exposure score
02 Top findings with evidence
03 Workspace path for history
01
Weighted score

Exposure score

A single number that maps how open your perimeter is before someone else does.

02
Risk-ranked results

Attack-path ranked

The issues most likely to be exploited surface first. The rest do not bury what matters.

03
Persistent workspace

Continuous history

Posture that is not tracked degrades silently. Own the record before a gap becomes a pattern.

The first pass stays narrow, external, and verifiable.

We only surface signals that can be verified without credentials or assumptions. That keeps the result useful instead of noisy.

External only · No auth
TLS configuration

Expired certificates invite impersonation

A lapsed cert is a public signal your perimeter isn't maintained — and a stepping stone to trust abuse.

Security headers

Missing headers turn your site into a delivery vehicle

Without proper policies, your domain can be framed, spoofed, or used to attack your own users.

DNS exposure

Stale DNS records are lateral movement starting points

Misconfigured SPF, DKIM, and MX records turn your domain into a spoofing platform — even after an asset is decommissioned.

Subdomain signals

Your stack is already being fingerprinted

Visible routing and server signals reduce the reconnaissance work before your infrastructure is targeted.

A result should read like an instrument, not a checklist.

The score reflects exploitability weight, not a flat count of issues. Findings are ordered by the risk they create, not just the control they touch.

Security score

Current result
74

Score / 100

Needs review

Weighted across TLS, headers, DNS, and infrastructure signals.

Validated findings

Representative issues from a public domain scan

  • high · Evidence-backed

    Missing content security policy

    Without CSP, your domain can be used to deliver injected scripts to your own users.

  • medium · Evidence-backed

    Certificate renewal window is narrowing

    When this lapses, impersonation becomes trivial and trust breaks publicly — not quietly.

  • low · Evidence-backed

    Edge stack is externally fingerprintable

    Every exposed routing hint cuts the reconnaissance work before a targeted attack.

Weighted score

Reflects exploitability weight, not a flat count of findings.

Risk ordering

Entry-point risks surface first. Do not bury what an attacker would use first.

Workspace history

A score trending down is a perimeter opening. Track it before it becomes noise.

The workspace is the record, not just another screen.

A scan is a snapshot. The workspace keeps ownership, history, and drift in the same place so you can act on the change, not the noise.

Assets: Verified domains tied to ownership, not guesswork.

Findings: Issues ranked by what matters first.

Trend: Score drift over time, so change stays visible.

example.com

Last scanned 2h ago

82
Status: Strong

shop.example.com

Last scanned 2h ago

61
Status: Review

api.example.com

Last scanned 2h ago

44
Status: Attention

2

Critical

7

High

14

Medium

Read-only, public-only, and rate-limited by default.

No surprises
Public domains only

Validates internet-facing targets and blocks internal or private addresses.

Read-only analysis

The scanner only observes externally visible signals — it never modifies, writes, or interacts with your site.

Rate-limited

Rate-limited by design

Built-in limits keep free discovery safe, predictable, and resistant to abuse.

Move from a scan to a system of record.

Start with a public scan. Keep the result in a workspace that knows what is owned, what is changing, and what needs attention first.

01 Run a public scan without logging in.
02 Keep verified assets and score history in the workspace.
03 Track drift before it turns into customer-facing failure.