Cactus - External security dashboard by SecurePurple

Free external security scan · by SecurePurple

Enter the domain you're authorized to assess. One scan per IP / company email, per 24 hours.

Heads up: this is an automated passive scan. Some findings may be false positives or need human validation. Treat results as a starting point, and confirm critical issues with a manual review before acting on them. Book a full VAPT for verified, expert-reviewed results.

Overall risk score

just now

-/100

0 critical 0 high 0 medium 0 low

TLS grade

protocol & certificate health

Email posture

SPF / DMARC / MTA-STS

Attack surface

0subdomains

0live hosts

0tech

Severity breakdown

🎯

Top priorities

Action-ready backlog

🛡

OWASP Top 10 (2021)

Passive-scan applicable categories

🧱

Technology stack

detected from headers, HTML, and JS

🐛

Known vulnerabilities

Cross-referenced against retire.js and EOL data

🧾

HTTP security headers

✓ present · ✕ missing

🔒

TLS & certificates

protocol, cipher & certificate inspection

📨

Email security

SPF · DKIM · DMARC · MTA-STS · TLS-RPT

📜

Compliance snapshot

ISO 27001 · PCI-DSS · NIST CSF · CIS Controls

Show control-level breakdown

🌐

DNS records

A · AAAA · MX · NS · TXT · SOA · CAA

🕸

Subdomains (CT logs)

0 unique

⛔

Subdomain takeover check

CNAME chain inspection vs. known service fingerprints

🔭

OSINT & external exposure

Wayback · GitHub · search-engine dorks

📋

All findings

Consolidated log across all checks

Sev	Category	Finding	Detail

Next step

Ready for the picture attackers can't see from outside?

Authenticated web & API fuzzing · internal network assessment · source review · remediation-ready report aligned to your compliance framework.

Book a scoping call →