Scan. Detect. Secure.
Ravenscan is an all-in-one network security scanner, delivered as a single Go binary. It audits network infrastructure, detects vulnerabilities, assesses compliance and provides exploitable attack paths — all with a built-in modern web interface.
Everything you need
Comprehensive security auditing with built-in best practices.
Scan & discovery
TCP port scanning (SYN/Connect) with service and banner detection, ping sweep, ARP on local network, OS fingerprinting via multi-source correlation (SSH/HTTP/SMB).
13 audit modules
SSL/TLS, SSH, DNS, SMB, HTTP headers, SNMP, RDP, LDAP, Kubernetes, Docker, NTP, Email (SPF/DMARC/DKIM), Web vulnerabilities — detection of misconfigurations and known vulnerabilities.
Web scanning (opt-in)
SQLi detection (error-based, time-based, union), reflected XSS, sensitive directory brute-force. Three levels: passive, active, aggressive.
YAML template engine
Customisable templates for HTTP and TCP checks. Matchers (status, regex, keywords), extractors and dynamic variables — simplified Nuclei-style.
CISA KEV & CVE
Built-in CISA KEV database (50+ known exploited vulnerabilities). Automatic NVD CVE enrichment with CVSS scores and EPSS probability.
Scoring & compliance
Score 0-100 with A-F grading per category. 65+ finding types. Mappings for PCI DSS, NIST 800-53 and CIS Benchmark.
Attack paths & MITRE ATT&CK
Automatic correlation of findings into exploitation chains (SMBv1 → lateral movement, LDAP anon → Kerberoasting, K8s → container escape). MITRE ATT&CK Tactics & Techniques mapping.
Default credentials
Opt-in: checks default/empty credentials for common services (FTP, Redis, MySQL, PostgreSQL, MongoDB, SSH). Rate limit compliance to avoid lockouts.
Multi-format reports
Interactive HTML and executive PDF reports. Diff/delta between scans to track progress. JSON API output for CI/CD integration.
REST API & web interface
Full async API for scans and reports. React dashboard built into the binary: global score, trends, top risks, attack path visualisation.
Automation & webhooks
Built-in cron scheduler, scan profiles (quick, standard, deep, compliance), baselines & exceptions, Slack / Teams / Discord / WhatsApp / HTTP notifications.
Embedded SQLite
Locally persisted scan history, zero external servers. Baselines, trends and delta between runs over time.
Single binary
Go 1.26, zero CGO, zero external dependencies. Docker image ~25 MB, non-root, multi-stage. Interrupted scan resume, rate limiting.
Installer Ravenscan
A single command. Docker support included.
Ready to secure your environment?
Free trial of Ravenscan for 14 days. No credit card required.