1scan
Open-source security scanner for AI systems.
Network. Web App. LLM. One command, one report.
go install github.com/onoz1169/1scan@latest
Network
Top 100 TCP ports, UDP (DNS / SNMP / NTP), CVE lookup via NVD, Shodan enrichment. Flags exposed databases, plaintext services, and high-risk port exposures.
- Elasticsearch, Redis, MongoDB — unauthenticated exposure
- Telnet, FTP, SMB — plaintext or legacy protocols
- Port-service mismatch detection
- NVD CVE enrichment per finding
Web App
OWASP Top 10 2021 configuration checks. Headers, TLS, CORS, cookies, sensitive path discovery — mapped to OWASP categories with severity ratings.
- CORS — arbitrary origin reflection with credentials
- HSTS, CSP, X-Frame-Options headers
- TLS version and certificate validity
- 25+ sensitive paths — .env, .git, actuator, swagger
LLM
OWASP LLM Top 10 2025 probes. Auto-detects OpenAI-compatible, Ollama, Anthropic, and HuggingFace TGI endpoints. Includes MCP server security scanning.
- Prompt injection — role manipulation, encoding bypass, delimiter attacks
- System prompt leakage — extraction probes (LLM07)
- Sensitive information disclosure — credentials, API keys
- MCP tool poisoning, schema injection, SSRF via URL params
Run a single command. Get a unified report across all three layers.
$ 1scan scan -t https://api.example.com
[/] Scanning network layer...
[+] network: 4 findings
[/] Scanning webapp layer...
[+] webapp: 7 findings
[/] Scanning llm layer...
[+] llm: 2 findings
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
1scan — Security Scan Report
Target: https://api.example.com
Duration: 8.4s
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
[NETWORK LAYER]
● Elasticsearch (9200) exposed — unauthenticated      CRITICAL
● Redis (6379) exposed                                HIGH
[WEBAPP LAYER]
● Missing HSTS header                                 HIGH
● CORS reflects arbitrary origin with credentials     CRITICAL
[LLM LAYER]
● Prompt Injection (role-manipulation) detected       HIGH
● System Prompt Leakage                               HIGH
SUMMARY
CRITICAL: 2   HIGH: 4   MEDIUM: 1   LOW: 0   INFO: 2
Drop into GitHub Actions. Fail builds on critical findings. Upload results to GitHub Security tab via SARIF.
- name: Run 1scan
  run: |
    go install github.com/onoz1169/1scan@latest
    1scan scan -t ${{ env.TARGET_URL }} -F sarif -o results.sarif --fail-on none
- name: Upload to GitHub Code Scanning
  uses: github/codeql-action/upload-sarif@v3
  with:
    sarif_file: results.sarif
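The workflow above runs with --fail-on none so the SARIF file is always produced and uploaded; a separate gate step can then decide whether the build fails. The following script is an added example (not part of 1scan or its documentation) that reads a SARIF 2.1.0 report, buckets each result into the CRITICAL..INFO levels the report summary uses, and returns a fail/pass decision for a chosen threshold. It assumes findings carry either the GitHub code-scanning `security-severity` property (CVSS-style 0-10, bucketed with GitHub's published thresholds) or a standard SARIF `level`; the rule ids and scores in the embedded sample are constructed, not real 1scan output.

```python
import json
from collections import Counter

# Severity buckets in rank order, matching the report's CRITICAL..INFO summary.
SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]

# Constructed sample SARIF 2.1.0 document (rule ids and scores are illustrative,
# not real 1scan output). `security-severity` is the GitHub code-scanning score
# property; `level` (error/warning/note) is standard SARIF.
SAMPLE_SARIF = """{
  "version": "2.1.0",
  "runs": [{"tool": {"driver": {"name": "1scan"}}, "results": [
    {"ruleId": "network/elasticsearch-unauth", "level": "error",
     "message": {"text": "Elasticsearch (9200) exposed - unauthenticated"},
     "properties": {"security-severity": "9.8"}},
    {"ruleId": "webapp/missing-hsts", "level": "error",
     "message": {"text": "Missing HSTS header"}},
    {"ruleId": "llm/prompt-injection", "level": "warning",
     "message": {"text": "Prompt Injection (role-manipulation) detected"},
     "properties": {"security-severity": "7.5"}},
    {"ruleId": "webapp/server-banner", "level": "note",
     "message": {"text": "Server header reveals version"}}
  ]}]
}"""

def severity_of(result):
    """Bucket one SARIF result. Prefers the numeric security-severity score
    (assumed GitHub thresholds: >=9 critical, >=7 high, >=4 medium, >0 low);
    otherwise maps the SARIF level error/warning/note -> high/medium/low."""
    score = result.get("properties", {}).get("security-severity")
    if score is not None:
        score = float(score)
        for floor, name in ((9.0, "critical"), (7.0, "high"), (4.0, "medium"), (0.1, "low")):
            if score >= floor:
                return name
        return "info"
    return {"error": "high", "warning": "medium", "note": "low"}.get(result.get("level"), "info")

def summarize(sarif_text):
    """Count findings per severity bucket across every run in the document."""
    counts = Counter({name: 0 for name in SEVERITY_ORDER})
    for run in json.loads(sarif_text).get("runs", []):
        for result in run.get("results", []):
            counts[severity_of(result)] += 1
    return dict(counts)

def should_fail(counts, fail_on):
    """True when any finding is at or above fail_on ('none' disables the gate)."""
    if fail_on == "none":
        return False
    threshold = SEVERITY_ORDER.index(fail_on)
    return any(counts.get(name, 0) for name in SEVERITY_ORDER[threshold:])
```

In a workflow, call `summarize(open("results.sarif").read())` and exit non-zero when `should_fail(counts, "critical")` is true, placing that step after the SARIF upload so the findings still reach the Security tab on a failed build.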
1scan is free and open-source. For teams that need a thorough assessment, remediation guidance, or ongoing coverage — we offer professional services built on top of the tool.
- Network + Web App + LLM scanning
- OWASP LLM Top 10 2025 coverage
- MCP security scanning
- CI/CD integration (SARIF output)
- Terminal, JSON, Markdown, HTML reports
- Self-hosted — no data sent externally
- 1scan automated scan across all three layers
- Top risks report — severity-ranked findings with remediation hints
- 1× 60-min walkthrough session
- Best for startups and pre-launch validation
- Full 1scan scan across all three layers
- Manual verification of MCP / RAG / AI agent attack surfaces
- OWASP LLM Top 10 / MITRE ATLAS mapping
- Vulnerability report with executive summary
- Prioritized remediation roadmap
- Findings walkthrough session (1×)
- Full Assessment scope (included)
- Zero Trust architecture design for AI systems
- Permission and access control design for RAG and AI agents
- Guardrail implementation guidelines
- CI/CD security gate integration support
- Architecture review sessions (multiple)
- Monthly scans with delta reporting
- Continuous coverage of emerging attack techniques
- Security review for the development team
- Incident response support
- Quarterly security posture report
- Async Q&A via Slack or email
All paid plans are available in English and Japanese. Prices are exclusive of tax.
Start scanning your AI stack
Run 1scan against your LLM endpoints today — or talk to us about a professional assessment.