GHOST FREE — EXTERNAL RECON

Know Your Attack Surface
Before They Do.

GHOST maps your external attack surface — subdomains, exposed services, certificate issues, and known CVEs — delivered to your inbox within minutes.

Results appear on this page immediately. A copy is emailed to you when the scan completes. By submitting, you confirm you own or are authorised to scan this domain. One scan per domain per 24 hours.

Subdomain Discovery

Certificate transparency logs reveal every subdomain your domain has ever used — including forgotten staging environments attackers probe first.

Exposed Services

HTTP/HTTPS probing identifies publicly reachable services and the technology stack behind them — the data attackers collect before they move.

Certificate Health

TLS expiry, weak cipher detection, misconfigured SANs — the kind of silent oversight that becomes an incident.

CVE Correlation

Discovered services are matched against known vulnerabilities including CISA KEV — the CVEs actively exploited in the wild right now.

◎ PASSIVE RECON ONLY◎ RESULTS IN MINUTES◎ POWERED BY SENTINEL GHOST
FULL PLATFORM

GHOST is one of ten SENTINEL agents.

The full stack adds autonomous containment, identity anomaly detection, kill chain mapping, compliance automation, and REAPER — a continuous red team that attacks before adversaries do.

REQUEST 21-DAY TRIAL →