🔍 XSS Scanner Pro
40+ payloads, WAF bypass, blind XSS detection, screenshot evidence.
- 40+ payloads & WAF bypass
- Blind XSS detection
- Security header analysis
- JSON + HTML output
- All Free features included
All EdgeIQ Labs Tools
The complete catalog. Lifetime tools for security pros, dashboards for agencies, white-label reports for consultants, setup services, and developer APIs.
Looking for managed monthly protection? SMB Essentials ($29/mo) and SMB Plus ($49/mo) are on the homepage with a 14-day free trial. See SMB plans →
🛠 Most tools below also run as OpenClaw skills — install with one command from ClawHub →. Or buy a Pro plan and run them standalone from any terminal.
Monthly
Annual Save 20%
Switch to annual and save on any tool — billed once, owned 12 months
Lifetime Plans — Buy Once, Own It
All tools available as a one-time lifetime purchase. No recurring fees, no cancellations, no surprises. Optional lower monthly plan if you prefer to rent.
🌐 Network Scanner Pro
Deep port scan, CVE matching, OS fingerprinting, traceroute.
- Port scan 1–65535
- Service version detection
- CVE matching
- SSL/TLS grading
- JSON + HTML reports
🎯 Subdomain Hunter Pro
Passive CT scan, takeover detection, DNS zone transfer checks.
- Certificate Transparency scans
- Subdomain takeover detection
- DNS zone transfer checks
- Bruteforce wordlist
🔒 SSL Watcher Pro
Certificate expiry tracking, security header analysis, WHOIS.
- Certificate expiry timeline
- CSP, HSTS analysis
- WHOIS domain tracking
- JSON + HTML reports
💉 SQL Injection Scanner Pro
Boolean blind + time-based detection, database extraction.
- Boolean blind + time-based
- UNION SELECT extraction
- Multiple parameter scanning
- JSON export
🔐 OAuth Security Checker Pro
Redirect URI + state checks, PKCE detection, scope analysis.
- Redirect URI + state checks
- PKCE detection
- Scope permission analysis
- JSON export
🕳️ Dark Web Credential Checker Pro
Breach search, password hash detection, exposed data classification.
- 50 email lookups/mo
- Username breach search
- Exposed data classification
- Password hash detection
🦠 Malware Signature Scanner Pro
YARA rules, PE header analysis, URL/domain reputation.
- 50 file scans/mo
- Full YARA ruleset (200+)
- PE header + entropy analysis
- String extraction
📧 Email Header Analyzer Pro
SPF/DKIM/DMARC analysis, from/reply-to mismatch detection.
- 50 header analyses/mo
- SPF/DKIM/DMARC full analysis
- From/Reply-To mismatch
- IP reputation lookup
🎣 Phishing Kit Detector Pro
Brand impersonation detection, JS analysis, infrastructure fingerprinting.
- 50 URL/scans/mo
- 17 brand impersonation checks
- JavaScript analysis
- Stolen branding detection
🔎 API Endpoint Discovery Pro
Path brute-forcing, JS endpoint extraction, Swagger discovery.
- 50 target scans/mo
- 200+ path brute-forcing
- JavaScript endpoint extraction
- Swagger/OpenAPI discovery
📡 Lead Researcher Pro
Tech stack, industry, size, social links, recent news.
- 50 lookups/mo
- Full tech stack enrichment
- Social links + contact data
- CSV export
🏪 Business Listing Aggregator Pro
Cross-platform consistency checks, weekly reports.
- 10 businesses monitored
- Google Maps, Yelp, BBB, Facebook
- Weekly consistency checks
- JSON + HTML reports
📄 Security Report Generator Pro
Monthly PDF/HTML security digest across all tools.
- Monthly PDF/HTML digest
- XSS + Network + SSL aggregation
- Delivered by email/Telegram
- Banded reports
One-Time Tools
Pay once, own it forever. No recurring fees.
🔔 Alerting System Pro
$19 one-time
- Unlimited channels and alerts
- Severity tagging
- Alert aggregation
- Deduplication and rate limiting
📈 Market Watch Bot Pro
$19 one-time
- 5-minute crypto market checks
- Funding rates, momentum, Bollinger bands
- Unusual volume spike detection
- Telegram or WhatsApp alerts
🏷️ Competitor Price Intelligence Pro
$19 one-time
- Multiple watch targets
- Price and availability change detection
- JSON + HTML reports
- Telegram or WhatsApp alerts
🔧 EdgeIQ Fix-it — Auto-Fix Engine
Turn your EdgeIQ monitoring alerts into automatic remediations. One subscription, any tool.
🔧 Fix-it Pro $9/mo add-on
Works alongside any EdgeIQ tool. Auto-fix up to 10 issues/month.
- ✅ Auto SSL Renew — auto-renews expiring certs via Cloudflare Origin CA
- ✅ Header Auto-Fix — deploys CSP, HSTS, X-Frame-Options automatically
- ✅ GitHub Issue Creator — files issues with severity + remediation steps
- ✅ Stack on top of any EdgeIQ tool
- 📈 Unlimited fixes with annual plan
How Fix-it Works
A simple 4-step flow that turns findings into action:
- Detect: EdgeIQ scanners identify issues (SSL, headers, endpoint risk, etc.).
- Classify: Findings are scored by severity so urgent items are prioritized first.
- Remediate: Fix-it runs approved auto-actions (SSL renew, header hardening, issue creation).
- Verify: Re-check confirms the fix and logs before/after evidence.
SMB Security Dashboard Pro
Free score preview stays open. Full dashboard analytics and client workflows are paid.
🔓 Dashboard Pro
$29 /month
- Full summary + alerts + recommendations
- Single-tenant dashboard token
- Email support
🏢 Dashboard Agency
$79 /month
- Everything in Pro
- Higher request allowance
- Priority support
White-Label Security Report Builder
Built for consultants and MSPs who want branded deliverables and recurring client reporting revenue.
🧰 Solo Consultant
$49 /month
- Up to 10 branded reports / month
- Custom logo + business name
- PDF export + sharable link
🏢 Agency / MSP
$149 /month
- Up to 50 branded reports / month
- Multi-client workspace
- Priority support + faster generation queue
🚀 Pro Agency
$299 /month
- Up to 150 branded reports / month
- Advanced template controls
- Dedicated support lane
OpenClaw Setup Services
Separate offering from SMB monitoring: remote/VPS OpenClaw installs with optional ongoing managed service.
🦞 OpenClaw Starter
$99 /one-time
- Remote or VPS OpenClaw installation
- Core configuration and hardening
- 1 integration wired up
🦞 OpenClaw Pro Setup
$249 /one-time
- Full OpenClaw setup for remote/VPS
- Integrations + automations configured
- 3 custom skills wired up
- Walkthrough and handoff included
🦞 OpenClaw Managed
$49 /month
- Ongoing updates and config changes
- New skill setup and maintenance
- Priority support
Micro-SaaS Products
Standalone subscription tools — each solving one problem, built on top of our existing infrastructure.
🔗 Data Enrichment API
Developer API for enriching company and contact data from email, domain, or phone. Returns tech stack, social links, employee count, funding info, and more — perfect for CRMs and lead pipelines. Free tier: 50 calls/mo. Pro: 5,000 calls/mo.
$19/mo Pro · View on ClawHub → Buy Pro →
🔔 sub.alerts
Monitor your domains via Certificate Transparency logs. Get daily or weekly email digests when new subdomains appear or disappear. Built on Subdomain Hunter infrastructure. Free tier: 1 domain, weekly. Pro: 10 domains, daily alerts, webhooks.
$5/mo Pro · View on ClawHub →
Buy Pro →🌐 Domain Expiry Monitor
WHOIS-based domain registration expiry tracking. Know when your domains expire before they do. Color-coded urgency, registrar info, and email alerts. Free tier: 3 domains. Pro: 10 domains, full WHOIS data, daily expiry alerts.
$5/mo Pro · View on ClawHub →
Buy Pro →🔍 leak.scan
Personal data breach exposure scanner covering email, phone, address, SSN fragments, DOB, and national IDs. Deterministic results so scans are consistent. Free tier: 3 scans/mo. Pro: unlimited scans, full exposure report, breach source list.
$5/mo Pro · View on ClawHub →
Buy Pro →📸 Screenshot API
Capture PNG/JPEG screenshots of any URL via API. Built on Playwright. Free tier: 100 screenshots/mo with fixed dimensions. Pro: 2000/mo, full-page capture, custom viewport sizes, and wait_for JS selector support.
$19/mo Pro · View on ClawHub →
Buy Pro →🛡️ headers.check
HTTP security headers scanner — analyzes HSTS, CSP, X-Frame-Options, and more. Get an A-F security grade with detailed breakdown. Free tier: 20 scans/day. Pro: unlimited scans + detailed remediation guide.
$5/mo Pro · View on ClawHub →
Buy Pro →⏱️ uptime.check
URL uptime monitoring with email and webhook alerts. Checks if your sites stay up with HTTP HEAD requests. Free tier: 3 monitors, daily checks. Pro: 20 monitors, 5-minute checks, webhook alerts, and 90-day history.
$5/mo Pro · View on ClawHub →
Buy Pro →🗺️ SurfaceMap — Live Now
Automated API attack surface mapping and continuous monitoring. Tracks your exposed API endpoints over time, alerts on new exposures, and grades your API security posture. Built on our API Endpoint Discovery infrastructure.
$19/mo Pro · ● Live
Buy Now →🛡️ BrandGuard — Live Now
Monitor the web for brand impersonation, phishing kits using your brand assets, and lookalike domains. Get alerts when your brand is being cloned or used in fraud campaigns. Built on our Phishing Kit Detector infrastructure.
$14/mo Pro · ● Live
Buy Now →💳 FraudCheck — Live Now
Analyze any URL or domain for checkout scam indicators before your customers get burned. Detects fraudulent payment pages, brand impersonation, and scam infrastructure. Built on phishing kit detection + dark web intelligence.
$9/mo Pro · ● Live
Buy Now →🔐 Cert Alert — Live Now
SSL certificate expiration monitoring. Tracks your certs, alerts 30/7/1 day before expiry, and flags revoked or unexpectedly reissued certificates. Built on Certificate Transparency logs.
$9/mo Pro · ● Live
Buy Now →🕳️ Subdomain Takeover Scanner — Live Now
Automated dangling DNS detection. Finds expired cloud resources (AWS S3, GitHub Pages, Heroku, Azure, Netlify, Vercel) that attackers can hijack to take over your subdomains.
$14/mo Pro · ● Live
Buy Now →🔑 Secrets Scan — Live Now
API key exposure detector. Scans URLs and public GitHub repos for exposed AWS keys, GitHub tokens, Stripe keys, JWTs, private keys, and more. Reports findings without storing actual secrets.
$12/mo Pro · ● Live
Buy Now →Need help choosing? Talk to support →