// Security Assessment Tool v9.0 — v36 UI

Scan. Detect.
Secure.

Professional web security analysis with email reports, scheduled scans, and API access.

Security Headers

CSP, HSTS, X-Frame-Options and 8 more critical headers.

XSS & SQLi Detection

Active tests for Reflected XSS and SQL Injection vulnerabilities.

Email Reports

Receive full scan reports in your inbox automatically.

Scheduled Scans

Auto daily, weekly, or monthly scans — never miss a change.

API Access

Integrate scans into your CI/CD pipeline with our REST API.

PDF Reports

Download professional branded PDF reports instantly.

Simple Pricing

Start free. Upgrade when you need more.

FREE

$0/mo

5 scans/month
Email reports
Basic checks

MOST POPULAR

PRO

$29/mo

200 scans/month
Scheduled scans
API access + keys
White label PDFs
PDF reports

BUSINESS

$99/mo

Unlimited scans
All Pro features
Team management
SLA support

RESET PASSWORD

Enter your email to receive a reset link

Email

Remember your password? Sign in

NEW PASSWORD

Enter your new password below

New Password

Confirm Password

CREATE ACCOUNT

Free plan — no credit card required

Email

Password

Confirm Password

Have an account? Sign in

// ETHISCAN PRO

DASHBOARD

FREE

— SCAN LIMIT

— USED THIS MONTH

— REMAINING

AUTHORIZED USE ONLY — Only scan websites you own or have explicit permission to test.

TARGET URL

Enter a website to begin security analysis

// Target URL

Loading... FREE PLAN

// Scanning

0%

Validating target URL

Probing HTTPS & redirects

Analyzing security headers

Detecting server fingerprint

Auditing cookie security

Testing for Reflected XSS

Testing for SQL Injection

Probing sensitive paths

Running advanced modules (43 checks)

AI vulnerability analysis

Saving report + sending email

// Scan Queue Monitor

Auto-refresh every 8s

// Click "Monitor" to load scan queue.

// Click "History" to load your scans.

// Add Scheduled Scan

Target URL

Frequency

// No scheduled scans yet.

// Generate API Key

Key Name

// Active Keys

// No API keys yet.

// API Usage

POST /api/v1/scan with your key in the Authorization header:

curl -X POST https://your-domain.com/api/v1/scan \
  -H "Authorization: Bearer esp_live_xxxx..." \
  -H "Content-Type: application/json" \
  -d '{"url":"https://example.com"}'

// Notifications

Email Reports

Receive scan results via email after each scan

// White Label

Your company name will appear in PDF reports and emails (Pro/Business only).

Company Name

Logo URL (optional, https://...)

// Security Utility Tools

Standalone tools for deeper manual security analysis. Each tool opens in a dedicated workspace.

🔐

SRI Hash Generator

INTEGRITY · HASHING

Generate Subresource Integrity hashes for CDN scripts and stylesheets. Essential protection against supply-chain attacks.

SHA-256 SHA-384 URL / Paste

🌐

DNS Zone Transfer Tester

DNS · RECON

Test a domain's nameservers to check whether they allow unauthorized zone transfers (AXFR) — a critical DNS misconfiguration.

AXFR NS Lookup Misconfiguration

🛡️

Zero-Day Detection

CVE · VULNERABILITY

Look up known CVEs and zero-day vulnerabilities for any software or library directly from the NVD database.

NVD CVSS Score Any Software

⚙ ADMIN PANEL

System Management Dashboard

ADMIN

// Loading...

// Loading...

// Loading...

// Loading...

// Role Management (RBAC)

Assign roles to control what each user can access.

SUPER ADMIN

Full system access

ADMIN

User + scan management

OPERATOR

View + manage incidents

VIEWER

Read-only access

// Assign Role to User

// Loading role assignments...

// IP Blocking

// Loading blocked IPs...

// Allowed Domain List

Only these domains can be scanned. Leave empty to allow all.

// No domain restrictions set.

// Create Incident

Title

Severity

Description

Assign To (email)

// Active Incidents

// Loading incidents...

// Scan Engine Settings

Max Pages Per Scan

Request Timeout (seconds)

Rate Limit (scans/minute)

Crawler Depth

// Feature Toggles

AI Analysis

Email Reports

Scheduled Scans

Public API

DANGER ZONE — These controls affect the entire system. Use with extreme caution.

// System Status

SYSTEM STATUS

ONLINE

API STATUS

ACTIVE

MAINTENANCE

OFF

ACTIVE SCANS

—

// Emergency Controls

🛑

Emergency Stop

Immediately stop all active scans.

🔒

API Freeze

Block all incoming API requests.

🔧

Maintenance Mode

Show maintenance page to all users.

⚡

Read-Only Mode

Disable all write operations.

💀

System Shutdown

Full system lockdown — all services offline.

// Admin Audit Log

// Loading audit log...

// System Health Score

// Loading health...

// Scan Volume — Last 30 Days

// Risk Distribution

// Scan Activity Heatmap (Last 90 Days)

// Loading heatmap...

// Top Scanned Domains

// Create Alert Rule

Rule Name

Condition

Threshold

Actions (comma-separated)

Webhook URL (optional)

Auto-Incident Severity

// Active Alert Rules

// Loading rules...

// 🧠 Scan Control Center

Live monitoring and control of active scan jobs

AUTO-REFRESH: ON

—

RUNNING

—

STUCK

—

ERROR

—

TOTAL

// Active Scans

// Loading scan jobs...

// 🛡️ Auto Threat Intelligence

Auto daily update — NVD CVEs + OWASP Patterns

—

XSS PATTERNS

—

SQLI PATTERNS

—

CVE ENTRIES

—

TOTAL ACTIVE

// Update History

// Loading...

// Pattern Breakdown

// Loading...

// SYSTEM OVERVIEW

ACTIVE USERS

—

last 24h

ACTIVE SCANS

—

running now

TOTAL SCANS

—

all time

OPEN INCIDENTS

—

unresolved

BLOCKED IPs

—

network rules

TOTAL USERS

—

registered

// Recent Scan Activity

// Loading...

// LIVE EVENT FEED LIVE

// Security Events

// Waiting for events...

// INCIDENT MANAGEMENT

// Active Incidents

// Loading incidents...

// ACTIVE CONNECTIONS

// WebSocket Sessions

// Loading connections...

// AUDIT LOGS

// Admin Action Log

// Loading logs...