Eight security scans run in parallel. AI turns raw findings into a graded report with prioritized, copy-pasteable fixes. Takes seconds, costs pennies.
Sign in with GitHub · No credit card required
$ krakenprobe example.com
🔍 Scanning example.com...
✓ TLS/SSL — Score: 95/100 142ms
✓ Headers — Score: 60/100 89ms
✓ Libraries — Score: 80/100 203ms
✓ DNS — Score: 85/100 312ms
✓ Cookies — Score: 100/100 45ms
🤖 AI Analysis (gpt-4o-mini)...
═══════════════════════════════════════════
Grade: B · Score: 84/100
═══════════════════════════════════════════
🔥 #1 Add Content-Security-Policy header
🔥 #2 Set DMARC policy to reject
🔥 #3 Remove X-Powered-By header
Completed in 1.8s · Cost: $0.0012
Eight scanners, one report
Certificate validity, protocol versions, cipher strength, key size, and chain verification.
HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, and information disclosure.
Detects outdated JavaScript libraries and cross-references known CVEs automatically.
SPF, DKIM, DMARC, CAA records — complete email authentication and DNS hardening audit.
Secure, HttpOnly, SameSite flags with extra scrutiny on session and authentication cookies.
Tests for wildcard origins, origin reflection, null origin, subdomain trust, and prefix bypass.
Detects HTTP resources loaded on HTTPS pages — scripts, styles, images, iframes, and forms.
Checks external scripts and stylesheets for integrity hashes. No SRI = CDN compromise risk.
Pricing
No subscriptions, no tiers. Each scan costs roughly what the AI analysis costs — about a penny with GPT-4o-mini.
GPT-4o-mini
~$0.001
per scan
Fast, cheap, very capable. Best for most scans.
GPT-4o
~$0.03
per scan
Deeper analysis, better CSP insights, richer remediation.
No AI
Free
always
Raw scan results only. No AI summary or prioritization.