VoidScan Proprietary Tools

Functional detail of 30+ proprietary tools (33/33) integrated into the platform

Complete Coverage (33/33)

This view consolidates all 33 proprietary tools integrated into the audit flow. Each block maps to one technical domain and is reflected in the final report with evidence, status and risk context.

Frontend and Supply Chain

Focus on browser-side exposure, client execution policies and JavaScript dependency risk.

05 - Void SPA/NextJS Analyzer

Detects SPA frameworks, public artifacts and possible data traces in client-side rendering.

09 - Void JS Dependency Auditor

Audits detected JS libraries, observed versions and obsolescence risk indicators.

14 - Void CSP Deep Analyzer

Evaluates CSP resilience against common bypass patterns and unsafe directives.

20 - Void JS Supply Chain Trust

Measures trust level for runtime third parties and critical external dependency.

25 - VoidScan Secret Exposure (Passive)

Detects passive secret exposure in public content, web resources and visible artifacts.

In technical report

  • Audited scripts/resources inventory and risk state.
  • Client-side evidence with remediation priorities.
  • Execution-surface reduction guidance.

Identity, APIs and Session

Covers modern auth, API authorization consistency and session/token governance hardening.

17 - Void OAuth/OIDC Exposure

Reviews discovery documents, public metadata and risky OAuth/OIDC configuration signals.

18 - Void API Auth Matrix

Compares auth/authz behavior across routes, methods and API profiles.

19 - Void Admin Panel Hardening

Assesses exposure and hardening level of Internet-accessible admin interfaces.

21 - Void Session Security Profiler

Analyzes session flags, persistence and weak authenticated-state controls.

28 - VoidScan GraphQL Hardening Analyzer

Evaluates GraphQL endpoint hardening, exposed introspection and query abuse surface.

32 - VoidScan CORS Trust Graph

Models CORS trust relationships to detect high-risk origins and overexposure.

33 - VoidScan Credential Validation (Guarded)

Validates controlled weak-auth signals and reused-credential risk patterns.

In technical report

  • Endpoint matrix with observed exposure level.
  • Severity per auth/session weakness type.
  • Prioritized hardening actions.

Surface and Infrastructure

Tracks public assets, perimeter drift and infrastructure signals with operational impact.

10 - Void Subdomain Takeover

Identifies potentially claimable subdomains caused by orphaned configurations.

13 - Void DNS Zone Analyzer

Audits DNS records and zone security posture from real exposure perspective.

15 - Void Attack Surface Delta

Compares runs to detect newly exposed perimeter entries.

16 - Void Certificate Transparency Watch

Monitors unexpected certificate issuance as an early anomaly signal.

23 - Void Shadow SaaS Detector

Detects unmanaged SaaS signals connected to the main audited asset.

In technical report

  • Related asset inventory and exposure state.
  • Surface comparison for risk growth.
  • Operationally contextualized infrastructure alerts.

Exposure, Secrets and CI/CD

Groups critical misconfigurations, secret leakage and CI/CD exposure that can enable abuse.

03 - B2B Logic Flaw Detector

Finds suspicious params/routes linked to weak business logic or bypass patterns.

06 - Cloud Misconfig Scanner

Detects cloud objects potentially exposed by weak configuration or predictable naming.

07 - Git/Env Exposure

Audits sensitive paths and files such as repo data, env files and backup artifacts.

11 - Void Form Security Analyzer

Reviews security controls on critical forms and baseline abuse protections.

26 - VoidScan SQLi Surface Mapper

Maps parameters and endpoints with SQLi surface signals to prioritize validation.

29 - VoidScan CI/CD & Artifact Leak Sentinel

Detects exposed CI/CD pipelines and public artifacts with secrets and operational impact.

30 - VoidScan SQLi Active Validator

Actively validates prioritized SQLi hypotheses with controlled guardrails.

31 - VoidScan Secrets Exposure Correlator

Correlates secret-exposure signals to elevate confidence and impact relevance.

In technical report

  • Checked path/file registry with per-item outcome.
  • Evidence and potential operational impact.
  • Remediation plan by priority and effort.

Email, Compliance and Third Parties

Connects technical findings with deliverability, regulatory exposure and vendor dependency risk.

01 - Void Compliance Scanner

Maps technical findings to compliance impact and regulatory exposure.

08 - Void Email Security Analyzer

Evaluates SPF, DKIM, DMARC and mail-domain security posture.

12 - Void Third-Party Risk

Classifies third-party resources by criticality, trust and dependency profile.

22 - Void Email Deliverability Security

Correlates email deliverability and anti-spoofing resilience.

27 - VoidScan Rate-Limit & Anti-Automation Profiler

Profiles rate-limit and anti-automation controls to measure practical abuse resistance.

In technical report

  • Email posture and spoofing-risk summary.
  • B2B compliance signals and focus points.
  • Third-party matrix with control/substitution recommendations.

OSINT and Advanced Discovery

Extends visibility with public-signal correlation beyond traditional technical scanning.

02 - Void OSINT Correlator

Cross-correlates public sources to detect indirect exposure indicators.

04 - VoidScan Private Templates

Uses proprietary templates for contextual detection in business verticals.

24 - Void Google Hacking Advanced

Applies advanced dorks to locate indexed exposure and sensitive traces.

In technical report

  • Relevant OSINT traces and dorks with risk context.
  • Prioritized evidence for takedown/blocking/minimization actions.
  • Executive-level complementary view to technical scanning.

How it is used in the global report

  • Each module leaves verifiable technical evidence.
  • Findings and reviewed controls without incidents are both documented.
  • Traceability enables risk-based remediation prioritization.