Discover critical web application vulnerabilities and server configuration issues

What is CyStack Scan?

It’s a web vulnerability scanner developed by CyStack Security

How does it work?

Step 01

Users provide their website address or domain names and verify their ownership

Step 02

CyStack performs the scan

Step 03

The result will be updated in our dashboard and sent to the users via their email

How can CyStack detect vulnerabilities?


Our engine acts as a black-box scanner which tries to send malformed data to users’ website and analyzes the response to confirm that this website is vulnerable or not. This technique is called fuzzing.


Besides, we follow the newest vulnerabilities in the world and update their exploit code to our engine as plugins, which helps your websites always are tested with the latest threats. Our plugins are listed publicly here.

Is this free?

Yes. CyStack Scan is free and always will be. To prevent our network infrastructure from being overloaded, each IP address can perform only 2 scans per day. If you need more or want to monitor the safety of your websites, servers, cloud services continuously, let's consider using our premium service.