Run a passive scan
Public-data only — DNS, certificate transparency, HTTP headers, WHOIS, Wayback, well-known files, tech-stack fingerprint, modern email security (MTA-STS / TLS-RPT), and (where keys are configured) Shodan / GitHub leak search / HIBP. Cross-references detected versions against publicly known CVEs.
dns
ssl
headers
subdomain
whois
wayback
security_files
tech_stack
email_security
threat_intel
shodan
github
hibp
Recent scans
Click any scan to re-open the score and reports without re-running. New scans save automatically when they finish.
Loading…
Sentry Harness queries only public data sources (DNS, CT logs, public HTTP, public APIs).
It does not authenticate, brute-force, or fuzz. Each scan is logged in audit.log.
Before sending unsolicited reports to organisations, confirm your local jurisdiction's
rules — Bennd's standard practice is a Namibian commercial-lawyer review.