Secri Radar ⭐
Sign inGet started free
Subdomain security, automated

Know when your domains
are under attack

Secri Radar continuously discovers subdomains across your organisation, detects dangling DNS records and takeover vulnerabilities, and alerts your team in real time — before attackers act.

Start monitoring freeSee how it works
secri-radar — alerts
CRITICAL

Subdomain takeover risk

staging.acme.com

CNAME → deprovisioned Heroku app

just now
HIGH

Dangling CNAME detected

cdn.acme.com

Points to deleted CloudFront distribution

2 min ago
MEDIUM

Orphan subdomain

old-api.acme.com

No DNS response — potentially abandoned

18 min ago

100+

Takeover signatures

< 5 min

Alert latency

24 / 7

Continuous scanning

3 methods

Discovery techniques

How it works

Up and running in minutes

01

Add your domain

Enter the root domain you want to monitor. We support any public domain — no DNS changes required.

02

We scan continuously

Our scanners run around the clock — pulling CT log entries, brute-forcing DNS, and HTTP-probing every subdomain we find.

03

Get alerted instantly

When a takeover risk or orphan subdomain is detected, you're notified within minutes via email or Slack.

Features

Everything you need to stay ahead

From passive discovery to active exploitation checks, Secri Radar covers the full subdomain attack surface.

Certificate Transparency Logs

Every TLS certificate ever issued is public. We parse CT logs continuously to surface new subdomains the moment they appear — before attackers do.

DNS Brute-force Discovery

Our curated wordlist probes tens of thousands of common subdomain patterns against your domains using parallel DNS resolution.

HTTP Probing & Fingerprinting

We actively probe discovered subdomains and match HTTP responses against a signature library of 100+ vulnerable cloud services.

Takeover Detection

Dangling CNAMEs, orphaned S3 buckets, deprovisioned Heroku apps — we identify exploitable misconfigurations before attackers claim them.

Instant Alerts

Get notified the moment a risk is detected. Route critical findings to Slack channels, email inboxes, or your own webhook endpoint.

Multi-tenant & Team Ready

Manage multiple organisations and domains from one dashboard. Invite team members with role-based access control.

The threat is real

Subdomain takeovers silently compromise your brand

When a CNAME record points to a cloud service you no longer own — an S3 bucket, a Heroku app, a Fastly endpoint — an attacker can register that service and serve arbitrary content from your domain.

  • Phishing pages that bypass domain-based email filters
  • Malicious JavaScript served from a trusted origin
  • Session cookie theft via same-site policy abuse
  • Brand impersonation and credential harvesting

What Secri Radar protects against

  • Dangling CNAME records
  • Orphan cloud service endpoints
  • Abandoned S3 / GCS buckets
  • Deprovisioned Heroku / Netlify apps
  • Expired Fastly / Cloudfront origins

Pricing

Simple, transparent pricing

Start free. Upgrade when your attack surface grows.

Free

$0/month

For individuals exploring their attack surface.

  • 1 domain
  • Scan every 3 days
  • Email alerts
  • CT log + DNS discovery
Start free
Most popular

Pro

$100/month

or $1,000/year — save 2 months

For security teams with real monitoring needs.

  • 5 domains
  • Scan every 6 hours
  • Email + Slack alerts
  • HTTP probing & takeover detection
  • Priority support
Get started

Enterprise

Custom

For large organisations with complex requirements.

  • Unlimited domains
  • Custom scan frequency
  • All alert channels
  • SSO / SAML
  • Dedicated support & SLA
Contact us

Start monitoring for free today

Add your first domain in under a minute. No credit card required.

Create your free account