Products Overview
Platform modules for visibility, validation, response, and reporting
Each Hax.nu offering stands on its own as a product or app module while fitting into a broader security operating system for SMBs, MSPs, and growing organizations.
How it fits together
Hax.nu modules are designed to be used independently or in combination. Start with visibility using the Attack Surface Scanner, validate with Automated Pentest Lite, communicate with the Report Generator, and extend over time as your security operating rhythm matures.
Available Now
Production-ready modules you can start with today.
External Attack Surface Scanner
See what outsiders can see before it turns into a problem.
Continuously map domains, subdomains, services, and internet-facing exposures with crisp reporting for technical and executive stakeholders.
Best fit
SMBs, MSPs, multi-site operators
- Asset discovery across domains, hosts, and exposed services
- Misconfiguration and exposure detection with business context
- Monitoring subscriptions with prioritized change alerts
Security Report Generator for MSPs
Turn technical findings into client-ready deliverables.
Create polished, white-label security reports that save analyst time and help MSPs package a repeatable security offering.
Best fit
Managed service providers and virtual CISOs
- Reusable branded templates and executive summaries
- Consistent findings language and prioritization
- Faster turnaround for recurring client reporting
Config and Firewall Audit Services
Review the controls you depend on before gaps become incidents.
Analyze firewall, security appliance, and platform configurations for weak settings, risky policies, and exposed management interfaces.
Best fit
MSPs, internal IT, security-conscious operators
- Upload and review security device configs
- Identify risky rules, weak defaults, and exposed management
- Receive advisory guidance and remediation workshops
In Pilot
Active early-access programs — contact us to join.
AI Security Copilot for SMBs
Translate messy security questions into clear next steps.
A business-friendly assistant for posture questions, configuration review, and findings triage without drowning teams in jargon.
Best fit
SMB owners, IT admins, MSP analysts
- Explain risks in plain language
- Review configs and logs for common red flags
- Recommend pragmatic remediation paths
Automated Pentest Lite
Recurring validation that keeps your posture honest.
Run recurring security checks and exploitability-oriented prioritization to catch what changes between annual engagements.
Best fit
Growing companies and compliance-minded teams
- Weekly or monthly validation cycles
- Prioritization based on exposure and likely impact
- Alerts when new reachable risks appear
Website and App Vulnerability Monitoring
Watch public-facing apps for risky drift and new weakness signals.
Monitor web properties for risky changes, exposed admin panels, plugin issues, and brute-force patterns with guided follow-up actions.
Best fit
Marketing sites, SaaS teams, MSP web ops
- Track newly exposed pages and services
- Highlight risky admin surfaces and weak defaults
- Pair monitoring with remediation guidance
Coming Soon
Modules in development — express interest to shape the roadmap.
Automated Response Platform
Contain suspicious movement faster, with human-friendly controls.
Detect suspicious internal activity and trigger network-aware containment actions through security and infrastructure integrations.
Best fit
Internal IT, lean security teams, MSPs
- Detect scanning and lateral movement patterns
- Trigger quarantine or containment actions
- Keep operators informed with audit-ready alerts
Hack Yourself Training Platform
Teach teams to evaluate their own systems safely.
Guided, sandboxed labs that help customers understand exposure without crossing ethical or legal lines.
Best fit
Security-conscious teams and technical learners
- Safe hands-on labs and walkthroughs
- Business-appropriate, ethical framing
- Practical exercises tied to real systems thinking
All offerings at a glance
External Attack Surface Scanner
SMBs, MSPs, multi-site operators
AI Security Copilot for SMBs
SMB owners, IT admins, MSP analysts
Automated Pentest Lite
Growing companies and compliance-minded teams
Automated Response Platform
Internal IT, lean security teams, MSPs
Security Report Generator for MSPs
Managed service providers and virtual CISOs
Hack Yourself Training Platform
Security-conscious teams and technical learners
Website and App Vulnerability Monitoring
Marketing sites, SaaS teams, MSP web ops
Config and Firewall Audit Services
MSPs, internal IT, security-conscious operators
Not sure where to start?
We can help you find the right first step.
Whether you need a quick exposure map, a reporting workflow, or a broader security operating plan, a short conversation usually points in the right direction.