AGENTIC RECON • LIVE

AGENTIC
RECONNAISSANCE
REIMAGINED

45 agents across 8 phases — from passive OSINT to version-validated CVE research.
Scheduled scans with automatic attack-surface diffs • Recon Intelligence • Bounty scope sync • PDF exports • Grok executive reports, auto-delivered by email.

START SCANNING NOW LOGIN TO DASHBOARD
Featured in SquidSec Podcast — Modular Agentic Cyber Recon Tool
evil.com
AGENTS ACTIVE
subfinder✓ COMPLETE
dnsx✓ COMPLETE
wayback✓ COMPLETE
crtsh✓ COMPLETE
github_dork✓ COMPLETE
known_exploitsRUNNING
SCROLL FOR AGENTIC MAGIC ↓
END-TO-END AGENTIC SYSTEM

Autonomous Agents.
Zero Infrastructure.

1️⃣

Buy Scans • Submit Domain

PayPal checkout. One token = one full scan. Paste your target and agents take over.

2️⃣

Agents Take Over

45 intelligent agents chain 8 phases — passive OSINT, DNS enum, active scanning, vuln checks, and Known Exploits CVE research.

3️⃣

Recon Intelligence

Visual dashboard with KPI tiles, interactive charts, word maps, and click-through drilldowns to source tool output.

4️⃣

Report, Diff & Deliver

Grok executive report with version-validated CVEs — emailed on complete, exportable as PDF. Re-scans auto-diff against the prior run so you see what changed.

AGENTIC ANALYSIS
Production-ready today

Everything a bug hunter or red teamer needs

No self-hosted tools. No CLI hell. Just beautiful neon UI + agentic intelligence.

📡

Subdomain & Live Host Enumeration

  • • Subfinder, Findomain, DNSx
  • • Host liveness probing
  • 45 Tools across 8 Phases
📊

Recon Intelligence Dashboard

  • • KPI tiles + Chart.js visualizations
  • • Subdomain & tech word maps
  • • Click any metric → source evidence
🐛

Known CVE Research

  • • Grok + live web search
  • • Version-validated CVE matching
  • • Full non-truncated exploit report
🛡️

Full Active Pipeline

  • • Nuclei, Nikto, SSRF, CORS, GraphQL
  • • Real-time task status + auto-refresh
🎯

Bounty Scope Sync

  • • HackerOne & Bugcrowd credential connect
  • • Sync programs and in-scope assets automatically
  • • Pick targets or Run All In Scope in one action
📅

Scheduled Scans

  • • One-time, daily, weekly, or monthly cadence
  • • Local timezone + day/time from Advanced Settings
  • • Full 45-agent pipeline re-runs on autopilot
🔀

Scan Change Detection

  • • Diff each completed scan vs the prior run
  • • New/removed hosts, tech, CVEs, paths & more
  • • Makes scheduled scans actually useful
🏅

Badge System

  • • 100+ earnable badges across discovery & OWASP
  • • Stackable counts — track findings across every target
  • • Share achievements on LinkedIn and X
📄

PDF Export & Sharing

  • • Sectioned PDF reports (pick what to include)
  • • Scan changes included in export options
  • • Public shareable reports & email delivery
AGENT POWERED

45 Specialized Recon Tools

Each tool has its own dedicated custom AI agent module built specifically for it — intelligent parsing, smart filtering, and contextual analysis included.

wayback
crtsh
github dork
public leak
github repo search
dockerhub
package registry
cloudenum
theharvester
subfinder
findomain
dnsx
dnsrecon
fierce
subdomain takeover
host alive
cache poisoning
sensitive paths
httpx
katana
naabu
gobuster
ffuf
feroxbuster
arjun
waf whatweb
security headers
testssl
nikto
nuclei
wordpress
cors scanner
jwt oauth analyzer
ssrf scanner
open redirect
ssti detector
xxe scanner
firewall evasion
origin ip sniffer
snmp enumerator
ldap smb nfs
graphql scanner
web scraper
enum4linux ng
known exploits

Every single tool runs inside its own autonomous AI agent that understands the output and makes intelligent decisions.

BUG BOUNTY READY

Built for hunters who scale

Connect bounty platforms, schedule recurring recon, diff every re-scan against the last run, and earn badges as you discover — all from the same dashboard.

🔗

Bounty Scope Sync (HackerOne & Bugcrowd)

Link platform credentials on your profile, then browse and select any program you have access to. In-scope domains sync automatically — pick a target from the dropdown or launch Run All In Scope to queue scans across every eligible asset.

  • • HackerOne and Bugcrowd supported
  • • Program picker with live scope refresh
  • • Domains, apps, and wildcard assets supported
  • • Scope check before every scan

Recurring Scan Schedules

Enable recurring scans in Advanced Settings when submitting a job. Choose one-time, daily, weekly, or monthly cadence, pick your local timezone and run time, and let SquidScan re-run the full 45-agent pipeline on autopilot — no manual resubmission.

  • • One-time future-dated scans, plus daily / weekly / monthly
  • • Day-of-week and day-of-month pickers for predictable windows
  • • IANA timezones so runs land in your local business hours
  • • Ideal for continuous attack-surface monitoring
🔀

Scan Change Detection — why scheduled scans win

A re-scan alone is noise. SquidScan automatically compares each completed job to the previous completed scan of the same domain and surfaces what actually changed. That is what makes continuous monitoring useful for bug bounty hunting and red teaming: you see what appeared since last week, not another full dump to re-triage.

Open the dedicated Scan Changes view from any completed job, spot deltas on the job list, include changes in PDF exports, and get change context in scan-complete email notifications.

Diffed categories

  • • Subdomains added / removed
  • • Live hosts added / removed
  • • Technologies appearing or gone
  • • Confirmed CVE deltas
  • • Sensitive paths (new exposures)
  • • Subdomain takeover candidates
  • • Open redirects
  • • Security header grade shifts
  • • Nuclei severity count deltas

Schedule weekly recon on your programs → wake up to “what changed” instead of re-reading the entire attack surface.

🏆

Operator Badge System

Earn badges automatically as agents discover technologies, security header gaps, OWASP Top 10 evidence, CVE confirmations, and more. Over 100 badges to collect — stackable counts show how many times you have found each issue class across targets.

  • • Discovery, OWASP, streak & milestone categories
  • • Badge details modal with share to LinkedIn & X
  • • Public profile showcases your earned collection
📄

PDF Exports, Email & Public Reports

Ship findings without reformatting. Export a professional PDF with selectable sections (including scan changes), share a public report link when you want external visibility, and receive email when a scan finishes — with change context when a prior run exists.

  • • Section picker for PDF (summary, AI, phases, changes)
  • • Scan-complete emails with Grok report delivery
  • • Public shareable job reports for stakeholders
VISUAL INTELLIGENCE

Recon Intelligence Dashboard

Attack surface at a glance — every job report includes interactive charts, KPI tiles, and word maps with click-through drilldowns to source evidence.

📈

Interactive Charts

Attack surface funnel, HTTP status breakdown, vulnerability vectors, sensitive paths, security grades, scan progress, and CVE severity doughnut — all powered by Chart.js with loading states.

🗺️

Word Maps

Subdomain prefix map and technology stack map in full-width rows. Noise-filtered fingerprinting shows only real services discovered from trusted sources.

🔍

Evidence Drilldowns

Click any KPI tile or chart segment to scroll to the source tool output and flash-highlight the relevant finding. Trace every metric back to raw evidence.

PHASE 8 — KNOWN EXPLOITS

CVE research that only counts real matches.

The final-phase known_exploits agent aggregates every technology discovered across the scan, then uses Grok with live web search to find known CVEs and public exploits.

  • Version-validated matching — CVEs only count when they apply to the exact version found
  • Confirmed CVE table with severity breakdown on the dashboard
  • Full, non-truncated exploit research output preserved in the job report
KNOWN EXPLOITS PHASE — CVE RESEARCH COMPLETE
[SAMPLE REPORT — FICTIONAL EXAMPLE] EXPLOIT / CVE RESEARCH SUMMARY (demo target: example-corp.test): Technologies analyzed: web-server, tls-library, app-runtime (versions redacted) Confirmed CVEs: 3 (1 Critical, 1 High, 1 Medium) CVE-20XX-XXXXX — example DNS resolver issue (fictional) ✓ Installed version in affected range CVE-20XX-XXXXX — example crypto library issue (fictional) Full research output preserved — no truncation.
THE KILLER FEATURE

One button.
Grok writes your entire report.

  • 0182 subdomains — many impersonating PayPal, Microsoft, banks
  • 0259 live hosts + suspicious C2 patterns
  • 03Critical findings, risk scores, brand impersonation map
  • 04Version-validated CVEs with confirmed exploit research
  • 05Executive summary auto-generated and emailed — ready for clients or bug bounties
AI HOLISTIC ANALYSIS COMPLETE
## Security Assessment Report: evil.com **Risk Level: CRITICAL** 82 subdomains • massive attack surface Brand impersonation detected 59 live hosts + C2 naming patterns Long-lived domain (1995) • locked WHOIS

The most beautiful recon dashboard you’ve ever seen

Recon Intelligence charts • Scan change detection • Scheduled recon • CVE severity • Word maps • PDF export • Auto-refresh

SquidScan Jobs Dashboard — scan starter and job list

Submit domains and track all 45 agents

SquidScan Recon Intelligence Dashboard with charts and KPIs

Recon Intelligence — KPIs, charts, and word maps

SquidScan Technology Stack Map and Grok AI Report

Technology fingerprinting and Grok AI reports

SquidScan Badge System — earned badges with stackable counts and share options

Badge system — 100+ earnable achievements with shareable details

SquidScan HackerOne integration — bounty program picker and scope target selection

HackerOne integration — sync programs and pick in-scope targets

SquidScan scheduled scans — recurring weekly scan configuration in Advanced Settings

Scheduled scans — recurring recon that diffs against your last run

Real screenshots from the live SquidScan app

REAL LIVE DEMO

See a Real Grok-Powered Job Report

This is an actual completed scan with full Grok AI analysis.
Click below to open the real report.

Simple. Transparent. Pay-as-you-go.

No subscriptions. Scans never expire.

1
SCANS
$5
Buy
10
SCANS
$15
Buy
MOST POPULAR
25
SCANS
$25
Buy with PayPal
50
SCANS
$45
Buy
100
SCANS
$75
Buy

Ready to become an agentic recon god?

Join the SquidSec crew.

CREATE ACCOUNT & SCAN YOUR FIRST DOMAIN →