Free security scan, no account

Find the weak spot
before anyone else does

New weaknesses show up on your site every month. A changed header, an expired certificate, a fresh misconfiguration. Resync Radar scans your site continuously and tells you the moment something drifts, with the same eye our pentesters bring to a full engagement.

No account needed. We only scan your public homepage · see everything we check

No account needed Result in under a minute Built by pentesters
Part of Resync OSCP eWPTxv2 MSc Cyber Security KvK 99738929
Run by OSCP pentesters
Automatic monthly scans
DNS-verified domains only
Live findings dashboard
Free to start
Response within 1 business day
01 · Why continuous

A yearly pentest is a snapshot. Your site is a moving target.

Every deploy, plugin update, certificate renewal or DNS change can open a gap. The longer it stays open, the more it costs.

€4,5 mln

Average cost of a data breach in Europe.

Source: IBM Cost of a Data Breach 2024

194 days

Average time before an intrusion is noticed.

Source: IBM Security 2024

Monthly

Resync Radar re-scans every verified domain automatically and emails you what changed.

The always-on layer between full pentests.

02 · How it works

From domain to a live dashboard in four steps.

Run a free scan

Enter your domain and get a security snapshot of your homepage in under a minute. No account needed.

Now

Create an account

Add the domains you want to keep an eye on from one dashboard.

2 min

Verify over DNS

Add one TXT record so we know the domain is yours. The value never changes, so verification stays valid.

Once

Watch your dashboard

We re-scan every verified domain automatically and surface new findings in your live dashboard, with an alert the moment something regresses.

Ongoing
03 · What we check

Security first. Accessibility and SEO ride along.

Security

Security hygiene

TLS and enforced HTTPS, HSTS, Content-Security-Policy, clickjacking protection, cookie flags, leaking version banners and other misconfigurations. The same checks we run at the start of a real pentest.

Email security

SPF · DKIM · DMARC

Can someone send email that looks like it comes from your domain? We check your DNS for the anti-spoofing records.

Accessibility

WCAG basics

The WCAG basics: alt text, form labels, document language and heading structure. The things that quietly keep people out, and increasingly a legal requirement.

SEO

Findability

Titles, meta descriptions, canonical tags, indexability and structured-data basics, so one report shows the full health of your site.

04 · Subscription

Security per domain, from €49/mo

Verify your domain over DNS and let it be scanned automatically, including email security. Price per domain, excluding VAT.

Most chosen

Radar

€49/domain · mo

excl. VAT · extra subdomain €14/mo

A full automated scan of every verified domain each month, with every finding in your live dashboard. All checks included, and the set keeps growing.

Custom

Tailored

Scans tailored to your application (authenticated flows, business logic and more) or a full pentest. Get in touch for a tailored package.

Create account

Cancel monthly · Payment via Mollie · Live dashboard

05 · Why Resync Radar

Continuous, not once a year.

An annual pentest alone
  • One snapshot, then blind for twelve months.
  • New misconfigurations sit unnoticed.
  • You find out at the next audit, or a breach.
  • Too expensive to repeat every month.
Resync Radar
  • Automatic re-scan every month.
  • An email the moment something regresses.
  • The full history in your dashboard.
  • The always-on layer between full pentests.
06 · Trust & privacy

Who is behind Resync Radar

No inflated claims. Here is who runs Radar, where your data lives, and how we handle confidentiality.

The team

Sofyan Aarrass, MSc, OSCP

Radar is built and run by Sofyan Aarrass, founder of Resync, a Dutch pentesting company. KvK 99738929.

Your data

In the Netherlands, no tracking

All scan results are stored on our own private server in the Netherlands. No third-party analytics, no tracking cookies, and we never sell your data.

Confidentiality

NDA on request

Findings stay between us. We sign a non-disclosure agreement on request, and reply within one business day.

Questions

Common questions.

Is the free scan really free?

Yes. Enter a domain and we scan your public homepage, no account and no payment needed. The automatic monthly scans on your verified domains are the paid part.

How is this different from a full pentest?

A pentest is a deep, manual engagement. Resync Radar is the continuous layer between pentests. It watches for the common misconfigurations that creep in over time and warns you early. For a full manual test, talk to Resync.

Do I have to prove I own the domain?

Yes. Automatic scans only run on domains you verify with a DNS TXT record, so we never scan a site without the owner's consent. The free homepage scan is the only exception, and it stays on the public homepage.

Can I cancel anytime?

Yes. Cancel any month. Nothing more is charged and you keep access until the end of the paid period.

Is my website safe during a scan?

The scanner only fetches public pages with GET requests. It does not log in, submit forms or change anything. It holds no secrets and stores only the findings.

Ready?

Put your website on the radar.

Start with a free scan. Verify your domains and let Resync Radar watch them, with every finding in your live dashboard.

Free scan, no account needed
Free to start Cancel any month Built by pentesters