Quick Answer: VeilScan's free plan lets you scan one domain at no cost. Register, verify ownership with a DNS TXT record or file upload, and the scan starts automatically. You receive a report showing Medium and Low severity findings within two hours. No credit card required.
What does the free vulnerability scan cover?
The free scan runs VeilScan's full external reconnaissance pipeline against one domain. It discovers all publicly visible subdomains using DNS brute-forcing, certificate transparency logs, and historical data sources. It then probes each live host for:
- Open ports and exposed services — identifying unexpected SSH, FTP, database, or admin ports accessible from the internet
- TLS/SSL configuration — expired certificates, weak cipher suites, missing HSTS headers
- Email security records — SPF, DKIM, and DMARC configuration gaps that enable email spoofing
- Cloud asset exposure — publicly accessible S3 buckets, exposed storage endpoints
- Admin panel exposure — login pages and management interfaces visible to the public internet
- Sensitive file disclosure — exposed .env files, configuration files, backup archives
- Subdomain takeover vulnerabilities — DNS records pointing to unclaimed external services
The free plan shows Medium and Low severity findings. Critical and High severity findings are detected but require a paid plan to view in full detail with proof evidence and attack path context.
How do you start a free vulnerability scan?
Starting a free scan takes under five minutes:
- Create a free account at veilscan.net/register using your email address. No credit card is required.
- Verify your email — a one-time code is sent to confirm your address.
- Add your domain — enter the domain you want to scan (e.g. yourcompany.com).
- Verify ownership — add a DNS TXT record to your domain to confirm you are authorised to scan it. Alternatively, upload a verification file to your web root.
- Sign the Rules of Engagement — a short document confirming you authorise VeilScan to scan your domain. This is required before any scan runs.
- The scan starts automatically — results appear in your dashboard and are emailed to you when complete.
What do you get from the free scan results?
Your free scan report shows:
- A list of all discovered subdomains
- Open ports and services detected on each live host
- TLS and email security configuration gaps
- Medium and Low severity findings with plain-language descriptions and remediation guidance
- A summary of how many Critical and High findings were detected (unlocked with a paid plan)
- A Business Impact Score preview showing the overall risk level of your attack surface
The free scan report is a read-only dashboard view. PDF export and full proof evidence require a paid plan.
What is the difference between the free scan and paid plans?
The free plan is a one-time lifetime scan of one domain. It is designed to give you a real picture of your external exposure with no commitment. Paid plans add:
- Critical and High findings unlocked — full severity visibility with proof evidence
- Multiple domains — Core plan supports up to 5 domains, Pro up to 20
- Continuous scheduled monitoring — automatic weekly or monthly rescans
- PDF reports — signed, board-ready PDF with compliance mapping for ISO 27001, SOC 2, GDPR, PCI DSS
- Attack path analysis — showing how individual findings chain into breach scenarios
- Slack alerts — notifications for new critical or high findings
- Delta tracking — new and fixed findings highlighted per scan
See all plans and pricing for a full comparison.
Is the free scan safe to run on a production system?
Yes. VeilScan performs non-destructive, read-only reconnaissance. The scanner never attempts to modify data, cause service disruption, or gain unauthorised access. All scans operate under a signed Rules of Engagement that explicitly prohibits destructive testing. VeilScan is safe to run continuously against production domains.
That said, if your environment is sensitive or you have specific scanning restrictions, contact hello@veilscan.net before starting.
What are the most common questions?
Can I scan a domain I do not own?
No. VeilScan requires proof of domain ownership through DNS verification or file upload before any scan runs. You must also sign a Rules of Engagement document confirming you are authorised to scan the specified domains. Scanning domains you do not own or control is prohibited by the Acceptable Use Policy.
Can I upgrade from the free plan to a paid plan?
Yes. At any point in your dashboard you can upgrade to Starter, Core, or Pro. Your scan history and domain settings are preserved. Upgrades take effect immediately after payment is confirmed.
Does the free plan expire?
The free plan itself does not expire, but it includes only one lifetime scan per domain. If you want to rescan the same domain, a paid plan is required.
What happens to my data after the free scan?
Scan results are stored securely in AWS eu-west-2 (London) and are retained for the duration of your account. If you delete your account, all scan data is permanently removed. Data is never shared with third parties. See the Privacy Policy for full details.
Ready to see your attack surface?
The free scan takes two minutes to set up and delivers results in under two hours.