Free — No Account Required

Map Your External Digital Attack Surface

Subdomain discovery, certificate transparency analysis, DNS resolution, and service fingerprinting — the same OSINT techniques attackers use before every breach. Professional-grade reconnaissance, instant results.

Enter Your Domain

We enumerate subdomains, query certificate transparency logs, resolve DNS records, and fingerprint exposed services — all in seconds.

Open Source Passive Recon Only Temporary Results No Account Needed

Sample Results Preview

Here is what a free scan reveals about a typical domain.

14 Subdomains

3 Exposed Services

2 Certificate Issues

47 Open Ports

High

Exposed Admin Panel

admin.example.com is publicly accessible on port 443 without IP restriction. Administrative interfaces should not be exposed to the internet.

Elevated

Expired TLS Certificate

staging.example.com has an expired certificate (expired 2025-12-01). Expired certificates indicate forgotten infrastructure and break trust chains.

Moderate

Development Subdomain Exposed

dev.example.com resolves to a public IP running a development server on port 8080. Development environments often lack production security controls.

Extreme

Database Port Exposed

A critical finding was detected on your infrastructure that requires immediate attention. Upgrade to unlock the full report.

Unlock Full Report

Professional-Grade Reconnaissance

The same techniques used by penetration testers and red teams during external engagements.

Subdomain Discovery

Passive enumeration via certificate transparency logs, DNS brute-forcing, and public OSINT sources. Surfaces forgotten dev, staging, and admin endpoints that expand your attack surface.

Port Scanning & Service Fingerprinting

Identify open ports and fingerprint running services across discovered hosts. Detect unexpected services, legacy protocols, and misconfigured infrastructure.

Certificate Transparency & DNS

Query CT logs for every certificate ever issued to your domain. Resolve DNS records to map live infrastructure, detect stale entries, and catch expired or misconfigured certificates.

Frequently Asked Questions

What is GetHacked.eu?

GetHacked.eu is an open-source offensive security platform. It combines attack surface mapping, vulnerability scanning, and managed penetration testing into a single dashboard with real-time findings. The platform is open-source under AGPL-3.0 and can be self-hosted on your own infrastructure.

How does the free scan work?

Enter a domain and we run passive OSINT reconnaissance: certificate transparency log queries, subdomain enumeration, DNS resolution, and service fingerprinting. Results appear in seconds. No account is created and no data is stored after the scan completes.

Is the scan safe? Will it trigger alerts on my infrastructure?

Yes. The free scan uses passive techniques and lightweight probes comparable to what search engines and certificate monitors already do. No exploit payloads are sent and nothing on your systems is modified.

What tiers are available beyond the free scan?

Paid plans start at €99/month (Recon) for continuous attack surface monitoring and monthly vulnerability scans. Higher tiers add weekly scanning, manual testing hours, source code review, and dedicated pentesting. Enterprise plans include self-hosted deployment and bundled pentest days. See our pricing page for a full comparison.

Can I self-host the platform?

Yes. GetHacked.eu is open-source and designed for self-hosted deployment. Enterprise plans include support for running the entire platform on your own infrastructure. Your data never leaves your control.

How are reports generated?

Scan results and pentest findings compile into downloadable PDF reports with severity ratings, technical reproduction steps, and remediation guidance. During managed pentests, findings appear on your dashboard in real time as testers discover them — no waiting for the final deliverable.