VULNEBIFY

<- Home

About Vulnebify

Vulnebify is a cyber defense platform designed to help businesses, authorities, and security professionals identify, mitigate, and defend against vulnerabilities on the public internet.

We operate a distributed scanning network that collects publicly accessible metadata β€” such as open ports, TLS certificates, and HTTP response details β€” to provide visibility into exposed infrastructure. Our goal is to make the internet safer by supporting vulnerability awareness, proactive defense, and responsible security research.

What we scan

Vulnebify performs low-impact, non-intrusive scans of publicly reachable IP addresses and domain names. Our scanning is strictly limited to metadata collection and does not attempt to authenticate, exploit, or access private systems.

Data we collect includes:

  • Open TCP ports and service availability
  • HTTP response metadata (status, headers, page titles)
  • TLS certificate chains and fingerprinting
  • Basic service banners and protocol-level data

We follow ethical scanning principles as outlined in our Terms and Conditions.

How to identify Vulnebify

We ensure our scanners are easily identifiable through both DNS and HTTP headers:

  • PTR records: All scanning nodes use reverse DNS entries like:
    node-1.scanning.vulnebify.com
  • User-Agent: HTTP requests include the following header:
    Mozilla/5.0 (compatible; VulnebifyResearch/1.0; +https://about.vulnebify.com/)

How to block Vulnebify

If you prefer not to receive scan traffic from Vulnebify, you can block or filter our probes in any of the following ways:

  • PTR-Based filtering: Block IPs with reverse DNS matching *.scanning.vulnebify.com
  • User-Agent filtering: Deny HTTP requests with the following User-Agent string:
    Mozilla/5.0 (compatible; VulnebifyResearch/1.0; +https://about.vulnebify.com/)
  • Manual IP blocking: Perform reverse lookups on IPs and filter based on scanning origin
  • Opt-out: Email [email protected] with your IP range or CIDR block to request exclusion

Opt-out requests are reviewed and verified for ownership before being processed. We aim to respond within 7 business days.

Why our work matters

The data collected by Vulnebify is used by security teams, CERTs, and authorized security researchers to identify exposures early and reduce risk. It supports proactive defense by enabling faster response times, increased visibility, and continuous assessment of internet-facing assets.

Blocking our scanners may reduce the effectiveness of these early-warning efforts and prevent notification of emerging risks.

Contact

For questions, concerns, or abuse reports, please reach out:

Email: [email protected]

<- Home
πŸ‡ΊπŸ‡¦ Made in Kyiv with love