Secure Your External Perimeter.

AI-Powered automated reconnaissance and vulnerability scanning that maps your external attack surface, providing actionable intelligence in minutes, not days.

How It Works

From domain entry to final report — six simple steps.

1. Enter Domain

Type your target domain. We check DNS and HTTP reachability.

2. Validate

We verify the domain resolves and is reachable from our scanner.

3. Verify Ownership

Add a DNS TXT record to prove you own the domain. Only needed once.

4. Pay

$99 — get 3 scans (1 for you, 1 for another domain you own, 1 to give to a peer) with code BOGO2

5. Scan Runs

Our automated engine runs a comprehensive vulnerability scan against your target.

6. Report

PDF report emailed to you and available for download in your dashboard.

Lightning Fast

Full spectrum scans complete in under 60 minutes using serverless Cloud Run infrastructure.

Compliance Ready

Detailed logs and reports help satisfy auditing requirements for SOC2, ISO27001, and more.

Cost Effective

Enterprise-grade vulnerability scanning at a fraction of the cost of traditional security firms.

Simple, Transparent Pricing

No subscriptions. No hidden fees. Pay as you go.

BOGO² — 3 scans for $99 with code BOGO2

Most small businesses and MSPs run without an outside view of what's exposed. Oscar Six Radar provides the same kind of external vulnerability scanning that enterprise-level tools deliver, at small-business pricing. $99 gets you three scan credits: one for you, one for another domain you own, and one to give to a peer in your network who doesn't have an external scan in their stack yet. Limited launch offer.

How it works

  1. Hit Start Scan below and pay $99 with code BOGO2 at checkout.
  2. Run your first scan on your primary domain — results in your inbox the same day.
  3. Use the GET and GIVE credit links in your purchase email to assign the second and third scans. The GIVE link is shareable — hand it to your peer and they redeem it directly.
Single Domain Scan

$99

Use code BOGO2 for 3 scans at $99 · limited launch offer

  • Full Reconnaissance (Subdomains & DNS)
  • Port & Service Scanning
  • Vulnerability Assessment
  • 6-Hour Execution Timeout
  • PDF Report via Email

Frequently Asked Questions

👀 Can I see what it looks like before I sign up?

Yes. Walk through a full scan, start to finish, in our interactive demo: no signup, nothing to install. You will see exactly what you enter, how we confirm you own the site, and the report you get at the end.

🔍 What is this scan actually doing?

Oscar Six Radar runs an automated external security assessment against your domain using industry-standard open-source tools and AI-powered analysis. Here's what happens during a scan:

  1. Reachability & SSL Check — Verifies your site is accessible, validates SSL certificates, and detects WAF/CDN protection (Cloudflare, Akamai, AWS WAF, etc.).
  2. Technology Detection — Fingerprints your web server, programming languages, frameworks, and CMS across common web ports using httpx.
  3. Security Header Analysis — Checks for missing or misconfigured headers (HSTS, CSP, CORS, cookie flags, clickjacking protection, open redirects).
  4. Reconnaissance — Discovers subdomains, scans ports via nmap, probes for sensitive files (.git, .env, backups), API endpoints (GraphQL, Swagger, REST), and scans JavaScript for exposed secrets and API keys.
  5. AI-Powered Test Selection — Claude AI selects the most relevant vulnerability templates based on your detected technology stack, avoiding irrelevant noise.
  6. Vulnerability Scanning — Runs Nuclei (by ProjectDiscovery) with targeted templates to test for thousands of known vulnerabilities including the OWASP Top 10.
  7. AI Analysis — Claude AI filters false positives, identifies attack chains, and maps findings to compliance frameworks (PCI-DSS, HIPAA, SOC 2).
  8. Report Generation — Produces a professional PDF with executive summary, prioritized findings, remediation steps, and compliance gap analysis.

🛡️ What vulnerabilities do you look for?

We test for thousands of known issues using Nuclei templates, specifically targeting:

  • OWASP Top 10: SQL Injection, Cross-Site Scripting (XSS), Broken Authentication, Server-Side Request Forgery (SSRF), and more.
  • Infrastructure Flaws: Open ports, outdated software versions, weak SSL/TLS configurations, and default credentials.
  • Security Misconfigurations: Missing HSTS, Content-Security-Policy, CORS misconfigurations, insecure cookie flags, and clickjacking vulnerabilities.
  • Exposed Assets: Leaked API keys in JavaScript, .git and .env files, backup archives, debug endpoints, GraphQL/Swagger consoles, and JWT vulnerabilities.
  • Known CVEs: Framework-specific vulnerabilities matched to your detected technology stack (WordPress, Spring, Django, Laravel, etc.).

🤖 How does AI fit into the scan?

Claude AI (by Anthropic) is used at multiple decision points throughout the scan:

  • Smart test selection — Chooses relevant security tests based on your detected technology, so a WordPress site gets WordPress-specific checks instead of irrelevant Django tests.
  • False positive filtering — Reviews raw findings and flags likely false positives before they reach your report.
  • Attack chain detection — Identifies how multiple lower-severity vulnerabilities could be combined for greater impact.
  • Compliance mapping — Maps findings to PCI-DSS, HIPAA, SOC 2, and OWASP Top 10 requirements so you know which standards are affected.
  • Report writing — Generates the executive summary, remediation recommendations, and business-focused attack scenarios.

📄 What's in the report?

You receive a professional PDF report that includes:

  • Executive Summary — A high-level overview written for non-technical stakeholders.
  • Technical Findings — Every vulnerability grouped by severity (Critical, High, Medium, Low, Informational) with evidence and affected URLs.
  • Remediation Guide — Prioritized fix recommendations for each finding.
  • Attack Scenarios — Real-world narratives showing how an attacker could exploit the discovered vulnerabilities.
  • Reconnaissance Overview — Discovered subdomains, open ports, exposed files, and API endpoints.
  • Compliance Gap Analysis — How your findings map to PCI-DSS, HIPAA, SOC 2, and OWASP Top 10.

✅ How do I verify my domain?

You need to add a TXT record to your DNS settings containing a unique token we provide. This proves ownership and prevents unauthorized scanning.
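
One way a TXT-record ownership check of this kind can be built, as an added example that is not Oscar Six Radar's code. The `scan-verify=` prefix, the HMAC-derived token and all function names are assumptions; the sample records are constructed.

```python
import hashlib
import hmac

# Hypothetical record label; the page does not publish the service's format.
RECORD_PREFIX = "scan-verify="

def issue_token(server_secret: bytes, account_id: str, hostname: str) -> str:
    """Derive a per-account, per-hostname token so it cannot be reused elsewhere."""
    host = hostname.strip().lower().rstrip(".")
    msg = f"{account_id}\n{host}".encode("utf-8")
    return hmac.new(server_secret, msg, hashlib.sha256).hexdigest()[:32]

def txt_proves_ownership(txt_records, expected_token: str) -> bool:
    """txt_records: one list of byte chunks per TXT record, as DNS libraries expose them."""
    want = (RECORD_PREFIX + expected_token).encode("ascii")
    found = False
    for chunks in txt_records:
        # A TXT value longer than 255 bytes arrives split into several strings.
        value = b"".join(chunks).strip()
        # Constant-time comparison; keep scanning so timing does not vary by position.
        if hmac.compare_digest(value, want):
            found = True
    return found

if __name__ == "__main__":
    secret = b"constructed-demo-secret"  # constructed sample value
    token = issue_token(secret, "acct-1001", "Example.com.")
    records = [
        [b"v=spf1 -all"],  # unrelated record that must be ignored
        [RECORD_PREFIX.encode() + token[:10].encode(), token[10:].encode()],
    ]
    print(txt_proves_ownership(records, token))
```

Binding the token to both the account and the hostname means a token copied from one customer's zone does not verify another account or another domain.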

🌐 Why are `domain.com` and `api.domain.com` separate scans?

Strict Scoping Rule: For legal and safety reasons, our scanner stays strictly within the exact hostname you provide. Subdomains like `api.domain.com` often reside on different infrastructure and require separate authorization.
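
An exact-hostname scope guard of the kind this rule implies, as an added example that is not the scanner's own code. The function names are hypothetical and the URLs are constructed; the check is meant to run on every URL before a request, including redirect targets.

```python
from urllib.parse import urlsplit

def normalize_host(host):
    """Return a canonical ASCII hostname, or None if it cannot be one."""
    if not host:
        return None
    host = host.strip().lower()
    if host.endswith("."):          # drop the DNS root dot
        host = host[:-1]
    try:
        # IDNA so Unicode and punycode spellings compare equal.
        return host.encode("idna").decode("ascii") or None
    except UnicodeError:
        return None

def in_scope(authorized_host, url):
    """True only if the URL's host is exactly the authorized hostname."""
    allowed = normalize_host(authorized_host)
    try:
        parts = urlsplit(url)
        host = parts.hostname       # excludes userinfo and port
    except ValueError:
        return False
    if allowed is None or parts.scheme not in ("http", "https"):
        return False
    return normalize_host(host) == allowed

def partition_targets(authorized_host, urls):
    """Split candidate URLs into (in scope, rejected)."""
    kept, dropped = [], []
    for u in urls:
        (kept if in_scope(authorized_host, u) else dropped).append(u)
    return kept, dropped

if __name__ == "__main__":
    candidates = [                  # constructed sample URLs
        "https://domain.com/login",
        "https://api.domain.com/v1",        # subdomain: separate authorization
        "https://domain.com@other.test/",   # userinfo trick, real host is other.test
        "https://domain.com.other.test/",   # look-alike suffix
    ]
    print(partition_targets("domain.com", candidates))
```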

🔧 What tools are used under the hood?

Our scanner combines several industry-standard open-source tools with AI orchestration:

  • Nmap — Port scanning and service detection.
  • httpx (ProjectDiscovery) — Technology fingerprinting and HTTP probing.
  • Nuclei (ProjectDiscovery) — Template-based vulnerability scanning with thousands of community-maintained checks.
  • OpenSSL — SSL/TLS certificate and cipher validation.
  • Claude AI (Anthropic) — Intelligent test selection, analysis, and report generation.

About Us

For more information, please contact sales@oscarsixsecurityllc.com.