Free Security Recon

See What Attackers See

10 automated checks. One scored report card (A-F). Exposed assets, vulnerabilities, leaked credentials, email spoofing risk, and brand impersonation. Free, no strings attached.

Built on our open-source OpenEASD engine

Submit Your Domain

Enter your company domain and work email below

We Scan & Analyse

Our team runs an external, non-intrusive reconnaissance of your digital footprint

Get Your Report

Receive a summary of exposed assets and actionable recommendations

10 Checks, One Report

Your External Attack Surface

Every scan produces a scored report card (A-F grade) covering infrastructure, application, email, brand, and credentials.

Exposed Subdomains & Assets

Forgotten staging servers, dev environments, and shadow IT that attackers find first

Open Ports & Services

Publicly accessible services, admin panels, and databases that shouldn't be exposed

SSL/TLS Configuration & Expiry

Weak ciphers, deprecated protocols, and how many days until your certificate expires

Email Spoofing Score (A-F)

Can someone send emails pretending to be you? We grade your SPF, DKIM, and DMARC setup

Leaked Credentials

Employee emails and passwords found in known breach databases

Technology Fingerprinting

Your publicly visible tech stack, versions, and whether they have known vulnerabilities

Web Security Headers

Missing Content-Security-Policy, HSTS, X-Frame-Options, and other browser-level protections

Known Vulnerability Detection

Automated scan for known CVEs, misconfigurations, default credentials, and exposed admin panels

Certificate & Domain Health

SAN coverage gaps, certificate chain issues, and HTTPS enforcement across all subdomains

Typosquatting & Brand Impersonation

Lookalike domains registered by others that could be used for phishing your customers or employees

Get Your Free Security Snapshot

Enter your domain and we'll email you an A-F graded report within 48 hours.

Full Name

Your Role

Select your role

Work Email

Company Name

Primary Domain

We'll scan this domain and discover subdomains automatically.

I confirm that I am authorized to request a security scan of this domain and agree to the Terms of Service. The report will only be sent to the work email provided.

Your work email domain must match the domain being scanned. Free email providers (Gmail, Yahoo, etc.) are not accepted.

OpenEASD is an external, non-intrusive scan. It does not test for all vulnerabilities and is not a substitute for a penetration test or a full security assessment. Grades reflect publicly observable configuration at the time of scanning and may not capture all risks. See our Terms of Service for full details.