Reference
Documentation
How NANOTESTING works, what we test, and what we never do. Pick the surface you're interested in below.
Quickstart: first scan in 10 minutes
Sign up, add a target, prove ownership, run the first assessment, and download the PDF. End-to-end walkthrough for new accounts.
OpenVerify a target
DNS TXT, /.well-known HTML file, meta tag, or domain email. Pick the one that fits your environment; we verify within seconds.
OpenRead a scan report
How severity, confidence, priority score, KEV, and EPSS fit together. How to triage 50 findings in 15 minutes and produce a ticket per fix.
OpenIntegrations
Slack + Discord + generic webhook alerts; AWS / Azure / GCP cloud audit; Kubernetes snapshots; mobile binaries; Cloudflare DNS one-click verify; GitHub repository scans.
OpenScan types reference
Every target type explained: web, web-app, API, GitHub repo, Kubernetes snapshot, mobile binary (APK / IPA), cloud account. What you provide, every check we run, every guardrail we ship with.
OpenMobile app scan (APK / IPA)
Upload a release binary and get back static + dependency CVE + secret + manifest + SDK fingerprint findings. No source needed. Privacy guarantees + limits documented.
OpenWeb3 / smart contract testing
Per-chain setup for the Web3 add-on. EVM family (Ethereum, Polygon, BSC, Arbitrum, Optimism, Base, Avalanche) plus Sui Move. What each tool checks, what we never test, and how to read the findings.
OpenSafe-scanning policy
What we run, what we never do, authorisation contract, data handling. Required reading before a procurement or compliance review.
OpenSample report
A full Executive + Developer + Compliance + Trend PDF set on a demo target so you can preview what an evidence pack looks like.
OpenLooking for something specific that's not listed here? Email support@nanotesting.com and we'll either point you at the right page or write the doc.