1. Create your account

Visit /portal/register and enter your name, email, password, and a workspace name. Your workspace is where your targets, scans, and team live. You can create multiple workspaces later.

2. Add your first target

From the dashboard, click Add target. Enter a friendly name, the hostname or IP address, the target type, and an optional port.

• Website — a web application you want to scan for XSS, SQLi, etc.
• Server — a host you want to scan for open ports and CVEs.
• Network — a subnet or range for network vulnerability scanning.
• API — a REST/GraphQL endpoint to test for API-specific issues.

3. Run your first scan

Open a target and click Run Scan. Choose the scanner that fits your target:

• Nmap — fast port scan and service detection.
• SSLyze — check your SSL/TLS configuration.
• Nuclei — template-based vulnerability detection (thousands of checks).
• OWASP ZAP — full web application scan (Premium+).
• OpenVAS — deep network vulnerability scan (Professional).
• WPScan — WordPress plugin, theme, and core vulnerability detection.

4. Review results

Once the scan completes, vulnerabilities appear on the scan detail page and the Vulnerabilities list. Each vulnerability includes:

• Severity rating (Critical, High, Medium, Low, Info) with CVSS score
• CVE identifier (when available)
• Affected component and remediation guidance
• First-seen and last-seen timestamps for tracking

5. Set up scheduling

For continuous monitoring, create a scan schedule. Set scans to run daily, weekly, or on a custom cron expression. You'll be alerted automatically when new critical or high-severity vulnerabilities are detected.