New Engagement
Target
TLS / PQC Mode
Actively probes the target's TLS configuration. Classifies key exchange as PQC or Classical, inspects the certificate algorithm, detects TLS 1.2 usage, and calculates the harvest window. Produces a report with NIST 800-53 and CMMC 2.0 control mappings.
Web App Mode
Analyzes HTTP security headers (CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy). Enumerates sensitive paths (.env, .git/config, backup, API docs). Checks HTTP methods, cookie security flags, server version disclosure, and SSL certificate expiry.
Network Mode
TCP connect scan on 17 common ports (FTP, SSH, Telnet, HTTP, HTTPS, SMB, databases, remote access). Grabs service banners and flags dangerous exposed services: Telnet, RDP, VNC, Redis, MongoDB. Maps findings to MITRE ATT&CK techniques.
Full Scan
Runs all three scans (TLS + Web + Network) against the target. Produces a comprehensive report covering quantum-safe posture, web application security, and network attack surface. Includes MITRE ATT&CK mapping across all finding types.
Purple Team Mode
Simulates six adversarial attacks: Harvest simulation (HNDL), TLS downgrade, Certificate forgery risk, Header injection, Info disclosure probe, and Auth weakness detection. Scores your blue team coverage across PQC and web vectors.