SCANYOURSTUFF.APP positions itself as “Security scanning as a service.” Its core goal is to help teams understand what they are exposing to the public internet. It is not a WAF, EDR, or host-hardening product, but an external scanning service for public-facing servers, covering ports, web configuration, known vulnerabilities, and related areas. It is best viewed as a continuous exposure-surface inspection tool.
The product uses an API-first design: from launching scans to retrieving results, everything can be handled through the API, making it easier to integrate into existing operations and security workflows. Scans can be run on a schedule or on demand. The service specifically highlights that IP addresses often change in cloud infrastructure, and that the API can scan the “currently used IPs,” reducing the risk of accidentally scanning assets you do not own. Its scanning capabilities include nmap-based full port scans to identify ports that should not be open, such as RDP, SSH, or build servers; passive Webscan based on OWASP ZAP to check for web server misconfigurations, outdated versions, SSL issues, missing security headers, and more; and Nuclei-based vulnerability scanning to detect known CVEs, exposed tokens, public log files, and similar risks. The official site also clearly states that it cannot replace internal host vulnerability scanning.
Pricing is transparent: Small costs $50/month and includes up to 10 public-facing servers, 300 scans/month, and 10 concurrent scans; Medium costs $150/month and includes up to 50 servers, 1,500 scans/month, and 50 concurrent scans; Large costs $450/month and includes up to 200 servers, 6,000 scans/month, and 200 concurrent scans. Enterprise supports higher capacity and self-hosting options, but requires contacting the team by email to request an invite. Payment methods, trial availability, and refund policy are not disclosed.
Its strengths are API-friendly automation, practical scan types, good consideration for dynamic IP environments in the cloud, and usefulness for meeting “regular security scanning” requirements in compliance frameworks. Limitations include the lack of information on alerts, dashboards, permissions, reporting, SIEM/CI/CD integrations, and SLA. Support is only explicitly described as email support. It is better suited to development, security, or SRE teams with some automation capability that need periodic public-asset inspection, rather than large security operations centers requiring a complete vulnerability management lifecycle.
Access from China is unknown, and payment methods are not disclosed. If you have requirements around connectivity, cross-border data transfer, or compliance, it is advisable to confirm service regions, self-hosting options, and payment methods by email first. Alternatives include building your own workflow with nmap, OWASP ZAP, and Nuclei, or evaluating security scanning, vulnerability management, and classified protection-related products from domestic cloud providers.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on scanyourstuff.app official site.
scanyourstuff.app is an Unknown Cybersecurity provider. TG4G tracks its product information, with monthly pricing from $50.00, an overall rating of 7.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach scanyourstuff.app directly.