Scan your assets for API, OAuth and Web vulnerabilities

(Based on our recent HotJar publication.)

Start scanning
Thank you for your submission.  Due to overwhelming demand, we are out of capacity to handle all of the scan requests. You might not get a response.
Oops! Something went wrong while submitting the form.

Note: due to overwhelming demand, we are out of capacity to handle all of the scan requests. You may enter your information, but you might not get a response.

What we are scanning?
  • Salt Labs has developed a unique method of scanning online services to identify potential API threats, including several unique OAuth attack vectors, such as the issues we commonly find in the wild.
  • Unpatched OAuth vulnerabilities can lead to data breaches and account takeovers. Salt Labs helps you identify and address these risks before they occur.
  • Many organizations and online services are prone to these kinds of vulnerabilities, such as the cases we reported, which we found on Booking.com, Grammarly, HotJar, and others.
  • Our scanning technique uses only non-intrusive methods and is designed not to pose any risk to your services, nor to trigger any WAF or other existing roalerts. It does not require any private information, authentication keys, passwords, or anything else other than the scanned domain.
  • Please note that in order to prevent abuse, we must confirm ownership of the domain in cases where we can not do this automatically.

With from Salt Labs

Salt