Nice! I got 840 unique subdomains for my target with API keys which is the highest number of subs among other tools!
@__tharaka, Bug Bounty Hunter
Try it Out For Free!Simple Recon System
How PRO Bug Bounty Hunters Find Bugs Consistently.
And Map Out the REAL Attack Surface of Your Target
Start Your Scan in < 3 minutes • Cancel Anytime
Used by 20+ clients
3-Day Free Trial
Recurring & Scheduled Scans
Intuitive Dashboard
Keep Track of Targets
Recurring & Scheduled Scans
Content Discovery
Template-Based Scanner
REST API Access
Zero Setup. Domain in Domains Out.
We manage everything for you. No need to run 10+ different tools, process each different output separately, filter them and find a storage option.
We find you all the subdomains of any domain through 7+ several methods.
We filter them, fingerprint them, and screenshot them for you.
All of that is done for you. That's 5 hours of your time saved. Each week.
Your part? Checking all your new subdomains every day.
Without SRS
- Manage and Run 10+ Different Tools & Outputs
- 5+ Hours Wasted Each Week on Running Several Tools
- No Optimal Storage Solution
With SRS
- Fully Managed System
- Hours of Your Time Saved That You Can Use on Hunting Down Vulnerabilities
- Managed Optimized Storage Solution to Help You Query & Filter Data
Pricing Tailord to Your Needs
Customer Review
See what our clients are saying about us
I am using novasec for recon and I am very happy with it, it is easy to use, plus it has some very interesting tools that I have not seen elsewhere, highly recommended.
@thedaniuxx, a Penetration Tester & Part-Time Bug Bounty Hunter using Nova Security
Simple Recon System
Suited for Bug Bounty Hunters & Penetration Testers
27 EUR / month (VAT excl.)
(27.00 EUR 0.0% VAT Inc.*)
- Unlimited Scans
- Keep Track of Subdomains
- Probe For Live Hosts
- Scheduled & Recurring Scans
- Content Discovery Scanner
- Template-based Scanner
- JS File Monitor
- Integrated Attack Surface Management Platform
- Screenshots & Fingerprinting of Live Hosts
- REST API (with data exports)
- Instant Notifications
- Continuous UpdatesLatest Update: Last Week
Need Something More Powerful? Reach Out to Us & Let's Chat!
* VAT rate is an estimate based on your current country ()
User-Friendly Dashboard Included.
It can become super tiring to view your data only on a terminal screen.
That's the reason why you get access to your own personal dashboard where you can:
Query Subdomains
Filter Data
Screenshot Live Hosts
Export Data
Your Data is Yours. And Will Stay Yours.
We are a company based out of the EU, and we value your privacy. All your data is yours and will stay yours.
We don't further process your data for our own gains, we simply run our own scans.
And our storage option is surely a huge upgrade from latest_target.com(1) (1).txt
REST API Access
For those who do like using grep and sed in your terminal, REST API access comes included by default.
Allowing you to pull the latest data, query it, filter it initiate scans, schedule them and much more.
curl -s https://api.novasec.io/api/hosts/latest \
-H 'X-API-Key: $API_KEY' | jq -r '.data[]'
kb.novasec.io
support.novasec.io
...
Integrated Instant Notifications
In addition to all the other available options, we also provide you with an instant notifications system to receive notifications on your favourite messaging app.
Slack
Discord
Telegram
SRS Gives You Everything
You Need to Never Miss Out on a New Target
Track Subdomains
Keep Track of New Subdomains on Your Target(s)
Content Discovery
Run Content Discovery Scans With Our All-in-One Content Discovery Tool SPIDER X
Template-Based Scanner
Easily Find Quick Wins Using Our Blazing-Fast Template-Based Scanner WAYPOINTS
JS File Monitor
Track Your Targets' JS Files and Stay Up-to-Date on The Latest Changes Using JS Alert
Scheduled Scans
Schedule Scans to Run Somewhere in The Future
Recurring Scans
Configure Scans to Run Each Day, Week or Month
Intuitive Dashboard
Your Personal Space to Do Almost Anything
Query Subdomains
Easily Query All Your Discovered Subdomains at Any Time
Query Vault
Build Your Own Historical Data Set And Private Vault for 0-day and 1-day Hunting
Filter Data
Filter Data Based on Hostname, Response Element, ...
Screenshot Hosts
View Screenshots of All Live Hosts
Instant Notifications
Receive Notifications on Your Messaging App
Export Data
Export All Your Data, Any Time You Want To
REST API Access
Integrate Your Tools With Our REST API
Third-Party API Integrations
Use Third-Party Services Like Github & Shodan to Enumerate More Subdomains
Continuous Future Updates
We Keep Refining SRS and Have One Objective In Mind: To Become the Best System
Don't Take Our Word For It.
Look at What Our Clients Are Saying About us
Bug Bounty Hunter
I liked the timed scanning & scheduling
Bug Bounty Hunter
The website is awesome, gives a great visual analysis of the target, and is comprehensive in recon and efficient, especially the Spider X. Timely notifications and a user has full control of their account
Penetration Tester, Part-Time Bug Bounty Hunter
I am using novasec for recon and I am very happy with it, it is easy to use, plus it has some very interesting tools that I have not seen elsewhere, highly recommended.
Bug Bounty Hunter
This tool is marvelous for recon subdomain gathering and content discovery with very fast output and I really liked that.
Bug Bounty Hunter
I recently had the opportunity to try out the Nova Security service and I must say, I was thoroughly impressed with its XSS tools and open redirect functionality. What sets Nova Security apart from other similar services is its unique approach of checking for reflection before crafting payloads.
Bug Bounty Hunter
Nice! I got 840 unique subdomains for my target with API keys which is the highest number of subs among other tools!
First 3 days are on us
You won't find an offer like this with our competitors. Or something that comes even remotely close to the amount of value you get.
We've worked hundreds of hours refining our reconnaissance system that we used personally for bug bounty hunting and some of our pentesting clients.
But don't take our word for it, try it out yourself now.
Frequently Asked Questions
I've got a quick question, who can I reach?
Is my data secure?
Yes, of course, your data is encrypted at rest (AES-256) and in transit (SSL/TLS) using strong encryption. Read our privacy policy for more information.
Will my data be further processed or used by Nova Security?
No, we do not process your own data for our own activities as we run our own scans separately. Nova Security SRS is just a tool for you to help you automate your reconnaissance system, nothing more. All the data is owned by you only and you can export and/or permanently delete it at any given moment!
Do I have to install anything on my end?
No, Nova Security SRS is a fully managed solution on the cloud. The tool is capable of doing everything for you, from processing and scanning to storing and loading data.
Will I lose access to my data after I unsubscribe?
Just as most software-as-a-service companies, your access gets restricted as soon as you unsubscribe. However, you always have access to export your data before unsubscribing. Questions? Feel free to reach out to us
Can I also pass on my API keys of other external sources (like Shodan, Security Trails, ...) to fetch more subdomains?
Yes, at the moment we provide support for Shodan, Security Trails, Virus Total & Github. You can set up your API keys under your profile settings in less than a minute.
If I don't like Nova Security, how do I cancel my plan?
Simply navigate to your profile, under "Subscriptions", click on "Unsubscribe". There's no need to reach out to us at all