About OnScanner

Built by people who
break into things for a living.

OnScanner is a web vulnerability scanner and website security scanner from Byte Optimizer, a security team that has spent years running hands-on penetration tests for healthcare, e-commerce, and SaaS companies. We took the way real attackers and pentesters find vulnerabilities and turned it into something you can point at your own sites and run in seconds, unauthenticated or authenticated.

10+
specialist scanning engines
40+
privacy & tracker categories
0
LLM calls during the scan (AI is opt-in)
Live
never-cached results, every scan

Why we built it

Most security scanners run a checklist and hand you a wall of low-signal alerts. Doing this work by hand, we kept seeing the same gap: the issues that actually get companies breached, like an exposed service, an exploitable CVE, a leaking tracker, or a forgotten subdomain, were the ones generic tools missed or buried.

So we built the tool we wished we had. OnScanner looks at a target the way an attacker would, runs specialist engines in parallel, and tells you what is genuinely exploitable right now instead of handing you a 200-row spreadsheet of maybes.

Then we packaged it so any team can run it on a schedule, wire it into CI, or drive it from an AI agent, with the same people who do the manual work standing behind it.

Unauthenticated and authenticated

See what an anonymous attacker sees from the outside, then scan behind login with credentials to reach the deeper, authenticated surface most tools never test.

Deterministic core, opt-in AI

The scan is rule-driven and reproducible, and it never calls an LLM. AI Findings are optional and opt-in; only then are your findings sent to a third-party AI provider, under terms that prohibit training on your data.

Evidence over noise

Findings are matched to authoritative CVE data and ranked with EPSS and CISA KEV, then checked for patch status and end-of-life, so you fix what matters first. See our methodology.

OnScanner & Byte Optimizer

OnScanner is a product of Byte Optimizer LLC, the company that builds, runs, and supports it. That is why our social profiles use the @byteoptimizer handle, and why billing, legal, and refunds are handled by Byte Optimizer as the operating company.

The two sides work together. OnScanner gives you continuous, automated coverage of your external attack surface, and Byte Optimizer's penetration testers are there for the deep, hands-on work that automation can't replace: hunting logic flaws, getting you ready for HIPAA, ISO, or SOC 2, and helping you fix what we find.

Company details

See your attack surface the way an attacker does

Start a free scan in seconds. No install, no agents. Point OnScanner at a site you own and get back a live, structured report.