VulnForge

Last Scan Complete

Full Assessment · 8 targets · 524,288 ports scanned · 19 findings
Feb 20, 2026, 2:58 AM · Duration: 43 min

Critical: 4
High: 5
Medium: 5
Low: 3
Informational: 2

Exploitable: 12
Total Findings: 19
Max CVSS: 9.8
Avg CVSS: 5.9
Assets Discovered: 7

Severity Distribution

critical 4 · high 5 · medium 5 · low 3 · informational 2

Findings by Category

Authentication: 4
Injection: 2
Information Disclosure: 2
Security Misconfiguration: 2
Network Vulnerability: 1
Server-Side Request Forgery: 1
Cross-Site Scripting: 1
Broken Access Control: 1
Cross-Site Request Forgery: 1
DNS Security: 1
Path Traversal: 1
Cryptography: 1
Session Management: 1

Asset Risk Overview

Address     Host                  Vulns  Risk score
10.0.1.50   web01.example.mil     8      92
10.0.2.20   api-gw01.example.mil  5      85
10.0.3.10   db01.example.mil      4      78
10.0.0.1    vpn01.example.mil     3      67
10.0.1.25   mail01.example.mil    3      56
10.0.2.10   fw01.example.mil      2      45
10.0.1.2    dns01.example.mil     2      38

Compliance Status

PCI-DSS: 13 failures / 13 checks
NIST: 9 failures / 9 checks
HIPAA: 2 failures / 2 checks
SOC 2: 3 failures / 3 checks
ISO 27001: 1 failure / 1 check


Authorization Required: Only scan targets with explicit written authorization. Unauthorized scanning is illegal.

Target                    Type    Value                       Status
Web Application Server    ip      10.0.1.50                   completed
DMZ Subnet                cidr    10.0.2.0/24                 completed
Public Web Portal         domain  portal.example.mil          completed
REST API Gateway          url     https://api.example.mil/v2  completed
Internal Database         ip      10.0.3.10                   completed
Mail Server               ip      10.0.1.25                   completed
DNS Server                ip      10.0.1.2                    completed
VPN Gateway               ip      10.0.0.1                    completed
Staging Environment       domain  staging.example.mil         pending
Production DB (Excluded)  ip      10.0.3.1                    excluded

In Scope: 9 · Excluded: 1 · Scanned: 8 · Pending: 2

Scan Configuration

9 targets

Scan Modules

TCP SYN Port Scan: full 65535-port scan
UDP Port Scan: top 1000 UDP ports
Service Fingerprinting: version detection and banner grabbing
Web App Scanner: OWASP Top 10 testing
SSL/TLS Evaluation: cipher suite and certificate analysis
DNS Enumeration: zone transfer, subdomain discovery
Credential Testing: default and weak credential checks
Exploit Testing: CVE-based exploit validation

Scan Progress

100%

02:15:00 [Scanner] Full assessment scan initiated — 8 targets in scope
02:15:02 [Port Scanner] Starting TCP SYN scan on 10.0.1.50 (ports 1-65535)
02:15:05 [Port Scanner] Discovered 4 open ports on 10.0.1.50: 22, 80, 443, 8080
02:15:08 [Fingerprint] Starting service fingerprinting on 10.0.1.50
02:15:12 [Fingerprint] Identified Apache 2.4.52, Spring Boot 2.7.14, OpenSSH 8.9p1
02:15:15 [Port Scanner] Starting TCP SYN scan on 10.0.2.0/24
02:16:30 [Port Scanner] DMZ scan complete — 3 live hosts, 8 open ports
02:17:00 [Web Scanner] Starting web application scan on portal.example.mil
02:18:00 [Exploit Engine] CRITICAL: RCE via deserialization on 10.0.1.50:8080
02:20:00 [Web Scanner] CRITICAL: SQL injection confirmed on auth endpoint
02:22:00 [CVE Scanner] CRITICAL: FortiGate CVE-2024-21762 confirmed on 10.0.0.1
02:25:00 [Credential Scanner] CRITICAL: Hardcoded admin credentials discovered
02:28:00 [Web Scanner] HIGH: SSRF in API gateway document fetcher
02:30:00 [Auth Scanner] HIGH: JWT alg:none accepted by API gateway
02:32:00 [Web Scanner] HIGH: Stored XSS in user profile bio field
02:35:00 [Port Scanner] HIGH: Redis instance exposed without authentication
02:37:00 [Web Scanner] HIGH: IDOR allows access to confidential documents
02:40:00 [SSL Scanner] Starting SSL/TLS evaluation on all HTTPS endpoints
02:44:00 [DNS Scanner] Starting DNS enumeration on example.mil
02:46:00 [DNS Scanner] MEDIUM: DNS zone transfer enabled — 847 records exposed
02:50:00 [Credential Scanner] Starting default credential testing on discovered services
02:55:00 [Compliance] Generating compliance mappings (PCI-DSS, HIPAA, SOC2, ISO27001, NIST)
02:58:00 [Scanner] Scan complete — 19 findings (4 critical, 5 high, 5 medium, 3 low, 2 info)
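The 02:30:00 entry (the gateway accepting `alg:none`) is the classic JWT signature bypass: the verifier reads the algorithm from the attacker-controlled header and, for `none`, skips the signature check entirely. The following added example, which is not VulnForge code and not the gateway's code, reproduces both sides with a hand-rolled HS256 over the Python standard library so it runs offline. `DEMO_SECRET`, the claims and the token layout are constructed for illustration; `verify_vulnerable` mirrors the reported behaviour and `verify_hardened` is the fix, pinning the algorithm the server itself issued with.

```python
"""Added example (not VulnForge code): JWT alg:none bypass and its fix."""
import base64
import hashlib
import hmac
import json
from typing import Optional

DEMO_SECRET = b"gateway-demo-secret-not-a-real-key"  # constructed for the demo


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _segment(obj: dict) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def sign_hs256(claims: dict, secret: bytes) -> str:
    """What the gateway issues: header.claims.HMAC-SHA256(header.claims)."""
    signing_input = _segment({"alg": "HS256", "typ": "JWT"}) + "." + _segment(claims)
    mac = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def forge_alg_none(claims: dict) -> str:
    """Attacker side: no key needed, just `alg: none` and an empty signature."""
    return _segment({"alg": "none", "typ": "JWT"}) + "." + _segment(claims) + "."


def verify_vulnerable(token: str, secret: bytes) -> Optional[dict]:
    """Lets the untrusted header decide how (and whether) the MAC is checked."""
    header_b64, claims_b64, sig_b64 = token.split(".")
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") == "none":  # the bug: unsigned tokens are trusted
        return json.loads(b64url_decode(claims_b64))
    if header.get("alg") == "HS256":
        expected = hmac.new(secret, f"{header_b64}.{claims_b64}".encode("ascii"),
                            hashlib.sha256).digest()
        if hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return json.loads(b64url_decode(claims_b64))
    return None


def verify_hardened(token: str, secret: bytes) -> Optional[dict]:
    """Pins HS256: the token's `alg` is only compared against the allowlist,
    never used to select a verification code path."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header_b64, claims_b64, sig_b64 = parts
    try:  # binascii.Error and UnicodeDecodeError are both ValueError subclasses
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:
        return None
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{header_b64}.{claims_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        return None
    try:
        claims = json.loads(b64url_decode(claims_b64))
    except ValueError:
        return None
    return claims if isinstance(claims, dict) else None


def demo() -> dict:
    """Run both verifiers against a legitimately issued token and a forged one."""
    legit = sign_hs256({"sub": "alice", "role": "user"}, DEMO_SECRET)
    forged = forge_alg_none({"sub": "alice", "role": "admin"})
    return {
        "vuln_legit": verify_vulnerable(legit, DEMO_SECRET),
        "vuln_forged": verify_vulnerable(forged, DEMO_SECRET),
        "fixed_legit": verify_hardened(legit, DEMO_SECRET),
        "fixed_forged": verify_hardened(forged, DEMO_SECRET),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:12} -> {result}")
```

In a real service the same fix is the library's algorithm allowlist rather than hand-rolled code (for PyJWT, `jwt.decode(token, key, algorithms=["HS256"])`); the point the scan makes is that the allowlist must come from server configuration, not from the token being verified.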

Executive Summary

High-level risk overview for C-suite and board. Includes overall risk rating, key metrics, and strategic recommendations.

Full Technical Report

Detailed findings with evidence, CVSS scoring, remediation steps, and compliance mappings.

Compliance Report

Mapped findings against PCI-DSS, HIPAA, SOC 2, ISO 27001, and NIST frameworks.

Compliance Framework Mapping

Framework   Checks  Failures  Status         Score
PCI-DSS     13      13        NON-COMPLIANT  0%
NIST        9       9         NON-COMPLIANT  0%
HIPAA       2       2         NON-COMPLIANT  0%
SOC 2       3       3         NON-COMPLIANT  0%
ISO 27001   1       1         NON-COMPLIANT  0%

Remediation Roadmap

Immediate (0-7 days)

4 findings
VF-001  Remote Code Execution via Java Deserialization
VF-002  SQL Injection in Authentication Endpoint
VF-003  FortiGate SSL VPN Pre-Auth RCE (CVE-2024-21762)
VF-004  Hardcoded Administrative Credentials in Application

Short-Term (7-30 days)

5 findings
VF-005  Server-Side Request Forgery (SSRF) in Document Fetcher
VF-006  JWT Token Signature Not Verified
VF-007  Stored XSS in User Profiles
VF-008  Redis Instance Exposed Without Authentication
VF-009  IDOR in File Downloads — Confidential Document Access

Medium-Term (30-90 days)

5 findings
VF-010  Missing Rate Limiting on Login Endpoint
VF-011  CSRF on State-Changing Actions
VF-012  Sensitive Data in API Error Messages
VF-013  DNS Zone Transfer Enabled
VF-014  Directory Traversal in File Upload

Long-Term (90+ days)

5 findings
VF-015  Missing HTTP Security Headers
VF-016  Outdated TLS Configuration (TLS 1.0/1.1 Enabled)
VF-017  Session Tokens Not Invalidated on Logout
VF-018  Application Framework and Version Fingerprinting
VF-019  SMTP Open Relay Partially Configured
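VF-005 (SSRF in the document fetcher) is the finding on this roadmap that most often gets a half fix, because a hostname allowlist or a simple "no 10.x" string match misses literal IPv6 forms, link-local metadata addresses and names that resolve to a mix of public and internal answers. The following added example, which is not VulnForge code and not the gateway's code, is an outbound-URL guard that checks scheme, userinfo, port and every resolved address against an explicit blocked-range list. Name resolution is injected so it runs offline; `FAKE_DNS`, every hostname and address in it, and the allowed-port set are constructed assumptions for the illustration.

```python
"""Added example (not VulnForge code): SSRF guard for an outbound document fetcher."""
import ipaddress
from typing import Callable, Iterable, List, Union
from urllib.parse import urlsplit

# Constructed stand-in for socket.getaddrinfo(): host -> list of answers.
FAKE_DNS = {
    "docs.example.mil": ["203.0.113.10"],
    "metadata.internal": ["169.254.169.254"],
    "rebind.attacker.test": ["203.0.113.20", "10.0.3.10"],  # one public, one internal answer
    "v6.attacker.test": ["::ffff:10.0.1.50"],              # IPv4-mapped IPv6 hiding RFC 1918
}


def fake_resolve(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])


ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {None, 80, 443}  # None = scheme default; assumed policy for the demo

# Space the fetcher must never reach: "this host", RFC 1918, shared address space,
# loopback, link-local (cloud metadata lives in 169.254.0.0/16), multicast,
# reserved, and the IPv6 equivalents.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]

Address = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]


def is_blocked(addr: Address) -> bool:
    # Unwrap ::ffff:a.b.c.d so the IPv4 ranges apply to it as well.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def validate_fetch_url(url: str, resolve: Callable[[str], Iterable[str]] = fake_resolve) -> str:
    """Return the address the fetcher may connect to, or raise ValueError.

    Callers should connect to the returned IP (still sending the original Host
    header) instead of resolving the name again, so a second DNS answer cannot
    redirect the request after it has passed this check.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise ValueError("userinfo in URL not allowed")
    if parts.port not in ALLOWED_PORTS:  # .port itself raises ValueError on junk
        raise ValueError(f"port not allowed: {parts.port}")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    try:
        candidates = [ipaddress.ip_address(host)]  # literal IP: no lookup needed
    except ValueError:
        candidates = [ipaddress.ip_address(a) for a in resolve(host)]
    if not candidates:
        raise ValueError(f"host does not resolve: {host}")
    # Every answer must be acceptable; a single internal record rejects the URL.
    for addr in candidates:
        if is_blocked(addr):
            raise ValueError(f"{host} resolves to blocked address {addr}")
    return str(candidates[0])


def is_allowed(url: str) -> bool:
    try:
        validate_fetch_url(url)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for u in ("https://docs.example.mil/q3.pdf", "http://metadata.internal/latest/",
              "http://10.0.3.10:6379/", "http://rebind.attacker.test/",
              "http://[::ffff:169.254.169.254]/", "file:///etc/passwd"):
        try:
            print("ALLOW", u, "->", validate_fetch_url(u))
        except ValueError as e:
            print("DENY ", u, "->", e)
```

The block list is explicit rather than `ipaddress`'s `is_global` so that the TEST-NET addresses used by the constructed resolver pass; in production `is_global` is the stricter choice, with the caveat that it also rejects the documentation ranges. Redirects must be re-validated hop by hop with the same function, otherwise a public host that 302s to `http://169.254.169.254/` reintroduces the bug.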
