Analyze any target.
Know everything.
Enter a URL, domain, IP, or API endpoint. Choose a scan depth — everything runs in the browser + this app; no sign-up or database.
Quick — headers, TLS, ports, SPF/DMARC, robots & security.txt, takeover. Complete — adds source crawl, subdomains, VirusTotal, wp-cron, Google dork, AI summary.
Shared host: API key for Argus routes (optional)
When the server sets ARGUS_API_KEY, paste the same value here. It is stored in this browser only and sent as x-argus-key.
Recent scans
Loading saved runs…
Security Headers
OWASP-aligned header grading + cookies
Source leak scan
Crawl pages & JS for keys, JWTs, credentials (Complete scan)
Ports + takeover
Shodan high-risk ports; CNAME takeover heuristics
AI + VirusTotal
Domain intel; Gemini summary when configured (Complete)
Mail & site files
SPF/DMARC DNS, robots.txt & security.txt — no extra accounts
Quick vs Complete
Quick: fast posture check. Complete: subdomains, crawl, dorks, AI.