Closed Beta  ·  Limited spots available

Scopeix

Local Reconnaissance & Intelligence Platform
for Security Researchers

Automate reconnaissance, asset discovery, screenshots, port analysis, CVE enrichment, and intelligence reporting from a single interface.

Request Beta Access View Features

⚠ Only use against targets you own or have explicit written authorisation to test. Unauthorised scanning is illegal.

8 Scan Modules
Local First
No Cloud account required
1 Unified Interface
Capabilities

Everything you need, in one place

A modular platform designed for methodical security assessment and vulnerability research. Each module is independently configurable and can be run in any combination.

Reconnaissance Engine

Automated subdomain enumeration, DNS resolution, and alive-host identification. Helps map your target's attack surface starting from a single domain.

Port Analysis

Port scanning with service detection and version fingerprinting. Results are automatically classified by risk level — database ports, exposed services, and HTTP endpoints each highlighted distinctly.

Screenshot Collection

Automatically captures screenshots of discovered HTTP/HTTPS endpoints. Browse a responsive gallery with fullscreen lightbox view directly in the interface.

Directory Discovery

Active path and file enumeration across discovered hosts. Results are rendered as a filterable table with HTTP status badges, response sizes, and methods.

CVE Enrichment

Correlates detected software versions against CVE databases. Surfaces critical and high-severity vulnerabilities with CVSS scores and direct reference links.

Intelligence Analysis

Aggregates all scan data into a structured intelligence report. Prioritised findings, raw metrics, and a plain-language executive summary generated per scan.

Attack Path Generation

Maps how discovered assets and vulnerabilities chain together into potential attack paths. Visual representation of your target's exposure profile from an attacker's perspective.

Report Generation

Export structured reports covering the complete scan lifecycle — target overview, findings, CVEs, and intelligence summary — ready for documentation or submission.

Interface

Built for clarity and speed

A local web interface that gives you complete visibility into every scan, accessible from any browser on your machine.

localhost:8080
Scopeix dashboard showing a completed scan job for juice-shop.herokuapp.com with Details and Intelligence action buttons
Dashboard — Job Overview
localhost:8080/job/abc123/view
Scan details page showing target metadata, DONE status, module tags, scan duration, and a summary grid of alive hosts, subdomains, open ports and CVEs
Scan Details — Findings Overview
localhost:8080 — Intelligence Analysis
Intelligence Analysis panel showing risk summary, asset risk scores with LOW rating, correlated findings and attack paths sections
Intelligence Panel — Attack Surface Analysis
localhost:8080/job/abc123/view — screenshots
Screenshot gallery showing thumbnail previews of scanned web endpoints including juice-shop.herokuapp.com and example.com
Screenshot Gallery — Endpoint Previews
Philosophy

Why Scopeix?

Designed around the realities of bug bounty hunting and security assessment work. Every feature exists to address a specific friction point in the reconnaissance-to-report workflow.

  • Local-first architecture

    Everything runs on your machine. Your targets, findings, and credentials never touch an external server. Full control, full privacy.

  • Zero cloud dependency

    No API keys to manage, no data leaving your network, no subscription model. Works completely offline once installed.

  • Centralised workflow

    Replace a pile of disconnected terminal windows, text files, and spreadsheets with a single interface that tracks every scan from start to report.

  • Intelligence-driven output

    Raw scan data is automatically correlated into a structured intelligence layer — prioritised findings, attack paths, and executive summaries generated per target.

  • Designed for bug bounty & assessments

    Scope-aware scanning, structured output per target, and export-ready reports make it equally useful for bug bounty programs and professional security assessments.

// Scan workflow

1

Submit a target

Enter a domain, select your scan modules, and launch. The queue handles the rest.

2

Automated recon runs

Subdomains, ports, paths, screenshots, and CVEs are all collected in a single pipeline pass.

3

Intelligence is generated

Findings are aggregated and scored. Attack paths, prioritised risks, and summaries are automatically produced.

4

Review & report

Explore every artefact through the web interface or export structured reports for submission.

Beta Program

Join the
Closed Beta

We're looking for security researchers and bug bounty hunters who want to shape the direction of Scopeix. Beta access is limited — apply below and we'll review your application within 48 hours.

  • Early access to all features before public release
  • Direct line to the developer via Discord
  • Your feedback directly influences the roadmap and priorities
  • Access to future beta builds and release candidates
Please enter your name.
Please enter a valid email address.
Please select your operating system.
Please select your experience level.
Please tell us a bit about yourself and your use case.

We review every application and reply by email, usually within 48 hours.

Application received — thank you!

Thanks for applying to the Scopeix closed beta. We review every application and will get back to you by email, usually within 48 hours.

FAQ

Common questions

Yes, completely free. During the closed beta there are no charges, subscriptions, or paywalls of any kind. Beta testers get access to all features. Future pricing, if any, has not yet been decided, and beta testers will be informed well in advance of any changes.
Scopeix is designed for Linux-first environments, with the best experience on Kali Linux and Ubuntu/Debian. macOS is supported for development use. Windows is supported via WSL2. A Docker-based installation is also provided for platform-agnostic setup. Native Windows support is not currently available.
The interface and all core scan modules run entirely locally — no internet connection is required to use the platform. Certain enrichment features such as CVE lookups may query external databases when connectivity is available, but these degrade gracefully when offline. Your scan data never leaves your machine.
Yes — Scopeix runs active reconnaissance modules including port scanning, directory discovery, and screenshot capture. This generates real network traffic to the target. You are solely responsible for ensuring you have appropriate authorisation to test any target before launching a scan. Only use Scopeix against targets you own or have explicit written permission to test.
We review applications manually and typically respond within 48 hours. Accepted testers receive an email with installation instructions, a pre-configured tester package, and an invite to the private beta Discord channel. If your application is not accepted in this round, we'll keep it on file for future beta cohorts.
Scopeix is a Python-based orchestration platform. It coordinates a set of well-established open-source security tools — including tools for subdomain enumeration, port scanning, directory brute-forcing, and screenshot capture — and exposes their output through a unified local web interface. A full list of dependencies is included in the tester package.
A public release may follow after the beta period concludes and the codebase stabilises. Beta testers will be informed if and when that happens. In the meantime, the source code is shared privately with accepted beta testers.