Submit your domain and our team will map everything visible from the outside — subdomains, open ports, running services, SSL issues, and known vulnerabilities. Results are delivered directly in your platform dashboard.
Domain Checkup is free for every Yappo CyberSec account. Sign up with your corporate email, submit your domain, and our team handles the rest. No tools to install, no scanners to configure.
Once you submit your domain, our analysts run a comprehensive external reconnaissance — the same methodology we use at the start of every penetration test. We enumerate your subdomains, identify the services and versions running on each IP and port, check for deprecated SSL/TLS protocols, and cross-reference detected versions against known CVEs.
When the analysis is complete, you receive detailed results directly in the platform: KPI cards with key metrics, visual breakdowns of your service distribution and TLS coverage, a detailed table organized by subdomain, and an analyst summary highlighting what matters most.
Most checkups are completed within a few business days. You'll get an email notification as soon as your results are ready.
Every finding is structured by subdomain — ports, services, versions, TLS status, and known CVEs — so your team knows exactly where to focus.
Starting from your main domain, we discover all associated subdomains — including forgotten staging environments, old test servers, and shadow infrastructure that attackers find first.
Every discovered host is scanned for open ports. For each one, we identify the service name and exact version running — Nginx, Apache, OpenSSH, Postfix, and more.
We flag services still supporting SSLv2, SSLv3, TLSv1.0, or TLSv1.1. Each deprecated protocol is classified by severity — so you know which ones to fix first.
Detected service versions are cross-referenced against vulnerability databases. If a version you're running has published CVEs, we flag them with direct links to the NVD for full details.
Results start with six key metrics at a glance: subdomains detected, open ports, deprecated TLS services, vulnerable versions, unique CVEs, and your most exposed subdomain.
Interactive charts break down your service distribution, top exposed ports, TLS protocol coverage (modern vs. deprecated), and version security status — making patterns easy to spot.
Every finding is organized by subdomain in a structured table — port, service, version, TLS status, and known CVEs — so your team knows exactly where to focus remediation.
Beyond the raw data, our security team writes a summary highlighting the most critical findings and recommended actions. Expert context, not just a list of ports and IPs.
Create your free account with a corporate email. Submit your domain. Our team runs the analysis and delivers results directly in your dashboard — no calls, no contracts, no credit card.
Most checkups are completed within a few business days. It's the same external reconnaissance we run at the start of every pentest — now available as a standalone, free service.
Start Free