External vulnerability scanning is crucial for understanding your organization’s security posture from an attacker’s perspective. ProjectDiscovery’s approach combines thorough asset discovery with precise vulnerability detection, focusing on exploitable issues rather than theoretical or low-severity vulnerabilities.

Before starting external scans, ensure you have a complete inventory of your internet-facing assets. Learn more about our Asset Discovery and Management capabilities.

Scanning Capabilities

ProjectDiscovery offers multiple scanning approaches, with automated scanning enabled by default and additional options for custom requirements:

Automatic Triggers

Scans automatically initiate when:

  • New assets are discovered
  • New templates are released
  • Infrastructure changes are detected

Custom: Targeted Scans

  • Create specific scan workflows
  • Focus on selected assets
  • Custom template selection

Custom: Compliance Checks

  • Create compliance-focused scans
  • Security baseline validation
  • Custom compliance requirements
  • Misconfiguration detection

Automated Retesting

Automatically revalidate findings to confirm fixes and prevent regression.

Integration Support

Connect with ticketing systems for streamlined vulnerability management.

Custom Configuration

Add custom headers and variables for specialized scanning requirements.

Rate Limiting

Enterprise: Configure custom scan rates to match your infrastructure capacity.

ProjectDiscovery offers tiered scanning capabilities: Pro users can perform ultra-fast cloud scans (50x faster) with support for up to 1,000 assets, while Enterprise users gain additional features like custom scan limits, custom rate limits, and fixed scan IPs for whitelisting. Free users are limited to internal vulnerability scans only - learn more about internal scanning here.

Get Started with External Scanning

Automation & API Access

Besides UI-based scanning, you can programmatically trigger scans using our REST API:

POST https://api.projectdiscovery.io/v1/scans

Required headers:

X-API-Key: your-api-key
X-Team-Id: your-team-id  # Find at cloud.projectdiscovery.io/settings/team

Example request body:

{
  "name": "External Scan",
  "targets": ["example.com"],
  "templates": ["cves", "vulnerabilities"],
  "recommended": true,
  "scan_config_ids": ["config-id"],
  "alerting_config_ids": ["alert-id"],
  "reporting_config_ids": ["report-id"]
}

For detailed API documentation and additional endpoints, refer to our API Reference.
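
The request above can be scripted as follows. This is an added example, not ProjectDiscovery's own code: it builds the same POST with the two required headers, and checks every target against a local list of approved assets before anything is submitted. The approved_assets list, the environment variable names and the Content-Type header are assumptions of the example.

```python
import json
import os
import urllib.request

API_URL = "https://api.projectdiscovery.io/v1/scans"  # endpoint from the page


def build_scan_request(name, targets, templates, api_key, team_id,
                       approved_assets, recommended=True):
    """Build (without sending) the POST request described above.

    approved_assets is a hypothetical local inventory of hosts you are
    authorised to scan; it is not a ProjectDiscovery API feature.
    """
    if not api_key or not team_id:
        raise ValueError("API key and team id are required")
    wanted = [t.strip().lower() for t in targets if t.strip()]
    if not wanted:
        raise ValueError("at least one target is required")
    unapproved = sorted(set(wanted) - {a.lower() for a in approved_assets})
    if unapproved:
        raise ValueError(f"targets not in approved inventory: {unapproved}")
    body = {"name": name, "targets": wanted,
            "templates": list(templates), "recommended": recommended}
    headers = {"X-API-Key": api_key, "X-Team-Id": team_id,
               "Content-Type": "application/json"}  # Content-Type is assumed
    return urllib.request.Request(API_URL, data=json.dumps(body).encode(),
                                  headers=headers, method="POST")


def trigger_scan(request, timeout=30):
    """Send the request. The response schema is not shown on the page,
    so the decoded JSON is returned unchanged."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))


if __name__ == "__main__":
    # Credentials come from the environment, never from source control.
    # The variable names are assumptions made for this example.
    req = build_scan_request(
        "External Scan", ["example.com"], ["cves", "vulnerabilities"],
        api_key=os.environ["PDCP_API_KEY"],
        team_id=os.environ["PDCP_TEAM_ID"],
        approved_assets={"example.com"},  # constructed sample inventory
    )
    print(trigger_scan(req))
```

The optional scan_config_ids, alerting_config_ids and reporting_config_ids fields from the example body are left out here; add them to the body once you have real IDs from your account.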

Browsing Scan Results

Once your scans are complete, you can explore the results to gain insights into your security posture. The ProjectDiscovery Cloud Platform provides a comprehensive view of all scan results, allowing you to:

  • View All Scans: Access a summary of all scans in your environment. Use categories like Vulnerabilities, Info, and Affected Assets to filter and refine your results.

  • Explore Individual Scans: Click on a specific scan to view detailed results, including vulnerabilities, affected assets, and detection information. Use filters such as Status, Severity, and Host to navigate through the data. Example scan URL: cloud.projectdiscovery.io/scans/<id>.

  • Review Vulnerabilities: Expand each vulnerability to see complete details, including the templates used, assets affected, and detection information. You can also export vulnerabilities in various formats (JSON, CSV, PDF) and modify their status (e.g., false positives, closed).

  • Retest and Remediate: Retest individual vulnerabilities to confirm fixes and review remediation recommendations provided for each issue.

  • Access Logs: View scanning logs for detailed information on time, assets, detection templates, and match results. Logs also include error information to assist with troubleshooting. Access logs directly using the format: /scans/<id>/logs.

New to ProjectDiscovery? Start with Asset Discovery to ensure comprehensive coverage of your external attack surface.
