Vulnerability Assessment & Penetration Testing

Find vulnerabilities
before someone else does

Sentinel is Airgrid's platform for vulnerability assessment of websites, applications and infrastructure. Modular, fully logged, GDPR-compliant.

Create free account See plans

No credit card required  ·  EU users only

15+
Scan modules
3
Plan tiers
GDPR
EU Reg. 2016/679 compliant
EU
European users only

Platform

Built for professionals

Every aspect of Sentinel is designed for traceability, operational security and legal compliance.

Protected access

Access to the platform is restricted and subject to identity verification.

Professional reports

Every scan generates an exportable report with severity ratings, evidence and remediation steps for each finding.

Activity tracking

All platform activity is logged and retained in compliance with applicable regulations.

GDPR compliant

The platform is designed in accordance with EU Regulation 2016/679 and applicable national legislation.

NIS2 compliance support

EU Directive 2022/2555 (NIS2) requires organisations to identify and manage vulnerabilities in their systems. Sentinel supports this obligation by providing continuous vulnerability assessment, documented evidence and audit-ready reports — making a concrete contribution to your organisation's NIS2 compliance journey.

Technical capabilities

15 specialised scan modules

From a quick HTTP header check to a full RED Team pentest. Each module produces findings classified by severity.

HTTP Headers FREE

HSTS, CSP, X-Frame-Options, CORS, cookie security, information disclosure.

SSL / TLS FREE

Certificate, expiry, obsolete protocols, weak cipher suites, HTTP→HTTPS redirect.

Tech Detection FREE

CMS, framework, WAF, CDN, WordPress, analytics, technology fingerprinting.

Web Vulnerabilities PRO

.git/.env exposed, SQLi, reflected XSS, CSRF, open redirect, OWASP sensitive files.

DNS Recon PRO

A/MX/NS/TXT records, SPF/DKIM/DMARC, zone transfer, subdomain enumeration.

Port Scan PRO

Top 1000 TCP ports via nmap, service detection, dangerous open ports.

OS & Firewall ID PRO

OS fingerprinting, network firewall identification (make/model), associated CVEs.

JS Secrets RED

Finds API keys, tokens and hardcoded credentials in public JavaScript files.

Subdomain Takeover RED

Subdomains pointing to unclaimed services: GitHub Pages, Heroku, S3 and more.

Cloud Storage RED

S3, GCS and Azure Blob buckets: checks for unauthorised public access.

API Discovery RED

Swagger, GraphQL, Spring Actuator, phpMyAdmin and exposed management panels.

SSRF Probe RED

Parameters and endpoints vulnerable to Server-Side Request Forgery and Open Redirect.

Auth Check RED

Rate limiting, lockout, CAPTCHA and default credentials on login forms.

Cert Transparency RED

crt.sh queries for historical and active subdomains in public TLS certificate logs.

Info Harvest RED

Emails, internal IPs, sensitive comments, software versions and social profiles from source.

Plans & pricing

Simple. Transparent. No surprises.

Monthly subscription, cancel anytime. All plans include secure access and activity logging.

Basic plan

Free

€ 0 / month

No card required

  • 1 scan per day
  • Quick Scan: Headers, SSL, Tech
  • Results stored 1 day
  • Export PDF / TXT
  • Advanced modules
Start free
MOST POPULAR

Professional plan

Web Sec PRO

€ 3,90 + VAT / month

VAT 22% · Monthly subscription

  • 3 scans per day
  • Full, Web, Ports, DNS, OS & Firewall
  • PDF & TXT report export
  • Results stored 5 days
  • RED Team modules
Sign up and activate PRO

Advanced plan

Web Sec RED

€ 19,90 + VAT / month

VAT 22% · Monthly subscription

  • 5 scans per day
  • All PRO modules included
  • JS Secrets · SSRF · API Discovery
  • Subdomain Takeover · Auth Check
  • Results stored 30 days
Sign up and activate RED

Authorised use only. Sentinel services are intended solely for systems for which the user holds explicit written authorisation. Unauthorised use may constitute criminal offences under applicable law. All activities are logged and retained. Airgrid S.r.l. accepts no liability for unlawful use.