~4,178 checks, matched to what each host is actually running
The surface scan tells you a host exists and what technology sits behind it. Deep Scan takes that fingerprint and fires the exact CVE and misconfiguration templates that apply — the same probes an attacker would try, run safely and entirely from the public internet.
Known CVEs
~4,178 templates covering published CVEs across web servers, frameworks, CMS platforms, VPNs and appliances — each one matched to the exact software version a host is running, so you get real hits, not a generic checklist.
Exposed panels & services
Admin consoles, login portals, dashboards and management interfaces that were never meant to be reachable from the internet — the front doors attackers check first.
Misconfigurations
Server, application and cloud misconfigurations — verbose error pages, open directory listings, exposed config files and debug endpoints that quietly leak how a system is built.
Default & weak credentials
Devices and services still answering to factory-default or well-known logins — the kind an attacker can look up in seconds and walk straight in with.
Known-exploited & end-of-life software
Components listed in CISA's Known Exploited Vulnerabilities catalog and software running past its support date — the exposures already being used in the wild, flagged and pushed to the top.
Information exposure & leaks
Exposed .git directories, backup archives, API keys and other sensitive artifacts inadvertently published to the web where anyone can pull them down.