Security Intelligence for Your Infrastructure
Scan endpoints for vulnerabilities, get structured findings with remediation. Built for DevOps pipelines and AI agents.
5
Scan Levels
0-100
Risk Scoring
API
Agent-Ready
AppSafe API
Security scanning as an API — built for AI agents, DevOps pipelines, and automated security audits.
⚡ Agent Quick Start
# 1. Start scan
SCAN_ID=$(curl -s -X POST https://appsafe.llmvps.com/scan \
-H 'Content-Type: application/json' \
-d '{"target":"YOUR_IP","profile":"quick","ports":[22,80,443]}' | jq -r .scan_id)
# 2. Poll until complete
curl -s https://appsafe.llmvps.com/scan/$SCAN_ID
# 3. Response includes: risk_score, findings by severity, remediation commandsBase URL
https://appsafe.llmvps.com
Authentication
API keys are optional by default. When API key authentication is enabled, include your key in the X-API-Key header.
# Generate a new API key
python main.py generate-key your-key-name
# Use in requests
curl -H "X-API-Key: your-api-key-here" https://appsafe.llmvps.com/scan/abc123Scan Profiles
quick
Top 10 ports
~1 secondfast
Top 100 ports
~5 secondsstandard
Top 1000 ports + services
~30 secondsintense
All 65535 ports + OS
~5 minutesdeep
Comprehensive + vulnerabilities
~10 minutesEndpoints
POST
/scan
Start a new security scan
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
target |
string | Yes | IP, domain, or URL to scan |
profile |
string | No | Scan profile (default: fast) |
ports |
array | No | Custom port list (max 1000) |
# Targeted scan
curl -X POST https://appsafe.llmvps.com/scan \
-H 'Content-Type: application/json' \
-d '{"target":"192.168.1.1","profile":"quick","ports":[22,80,443]}'
# Deep scan
curl -X POST https://appsafe.llmvps.com/scan \
-H 'Content-Type: application/json' \
-d '{"target":"example.com","profile":"deep"}'
GET
/scan/{scan_id}
Get scan status and results
# Response
{
"status": "completed",
"target": "example.com",
"profile": "quick",
"risk_score": 42,
"findings": [
{
"severity": "medium",
"title": "Outdated TLS version",
"description": "Server supports TLS 1.0",
"remediation": "Disable TLS 1.0 and 1.1, enable only TLS 1.2+",
"cwe": "326"
}
],
"data": {
"resolved_ip": "93.184.216.34",
"network": [...],
"web": {...}
}
}
GET
/scan/{scan_id}/stream
Server-Sent Events stream for real-time progress updates
curl -N https://appsafe.llmvps.com/scan/abc123/stream
# SSE events:
data: {"phase":"port_scan","overall_progress":45,"current_activity":"Scanning port 443"}
GET
/report/{scan_id}
Download PDF report for completed scan
GET
/health
Health check and API version
{
"status": "healthy",
"version": "2.1.0",
"profiles": ["quick", "fast", "standard", "intense", "deep"]
}Findings & Risk Scoring
| Severity | Score Weight | Examples |
|---|---|---|
| Critical | 25 points | Unencrypted admin ports, default credentials |
| High | 15 points | Outdated SSL/TLS, missing security headers |
| Medium | 8 points | Weak cipher suites, verbose error messages |
| Low | 3 points | Minor misconfigurations, information disclosure |
| Info | 0 points | General observations, no security impact |
DevOps Integration
Use AppSafe as a pre-deploy security gate in your CI/CD pipeline:
#!/bin/bash
# Pre-deploy security gate
# Get currently running services
PORTS=$(netstat -tuln | grep LISTEN | awk '{print $4}' | cut -d':' -f2 | sort -u | tr '\n' ',' | sed 's/,$//')
# Scan localhost
SCAN_ID=$(curl -s -X POST https://appsafe.llmvps.com/scan \
-H 'Content-Type: application/json' \
-d "{\"target\":\"localhost\",\"profile\":\"fast\",\"ports\":[$PORTS]}" | jq -r .scan_id)
# Wait for completion
while true; do
STATUS=$(curl -s https://appsafe.llmvps.com/scan/$SCAN_ID | jq -r .status)
[ "$STATUS" = "completed" ] && break
sleep 2
done
# Check risk score
RISK=$(curl -s https://appsafe.llmvps.com/scan/$SCAN_ID | jq -r .risk_score)
if [ "$RISK" -gt 50 ]; then
echo "❌ Security gate failed: Risk score $RISK exceeds threshold"
exit 1
fi
echo "✅ Security gate passed: Risk score $RISK"Use Cases
🔄 CI/CD Gates
Automated security checks before deployment
📅 Scheduled Audits
Regular scans via cron or task scheduler
🤖 AI Agents
MCP/function calling for autonomous security audits
📋 Compliance
Evidence collection for audit trails
Start Securing Your Infrastructure
Free to start. Scale as you grow.
Free
$0
/month
- ✓ 10 scans per day
- ✓ Quick + Fast profiles
- ✓ Basic findings
- ✓ PDF reports
- ✓ Community support
Most Popular
Pro
$29
/month
- ✓ Unlimited scans
- ✓ All 5 scan profiles
- ✓ Full API access
- ✓ Webhook callbacks
- ✓ Scan history & diffs
- ✓ Email support
Enterprise
Custom
- ✓ Everything in Pro
- ✓ Custom scan profiles
- ✓ SSO / SAML
- ✓ Dedicated infrastructure
- ✓ SLA guarantees
- ✓ Priority support