New Scan

Configure and launch a security scan

Scan Mode

Target URL

Source Code Path

OpenAPI Spec (optional)

Auth Token (optional)

In production: stored in memory only. Never written to disk or logs.

Fail on Severity

Active Injection Probing

Sends injection payloads to test for SQLi, command injection, and header injection. Only use against systems you own or have written authorization to test.

This is a demo — scans are disabled.

Sign up to launch real scans against your APIs and source. The form above mirrors what production looks like; nothing here is sent to the engine.