01
DNS & email records
MX, SPF, and DMARC visibility for spoofing and delivery risk awareness.
Public MVP
Public Exposure Scanner
See what attackers can see.
occhira helps teams understand what is publicly visible about their infrastructure — without penetration testing, exploitation, or intrusive access.
Scan Domain
Passive external assessment — no account required in this MVP
- 01Enter a domain
- 02Run a passive scan
- 03Receive a professional exposure report
01 / Capabilities
What we assess
Passive checks only — no exploitation, no authenticated testing, no intrusive scanning.
02 / Modules
Scan modules
Each module runs independently. Failures in one check do not stop the rest of the assessment.
Scanner module
DNS analysis
Public DNS and email authentication records (MX, SPF, DMARC).
Scanner module
SSL / TLS review
Certificate validity and HTTPS configuration from outside.
Scanner module
Security headers
Browser protections such as HSTS, CSP, and clickjacking controls.
Scanner module
Technology stack
Passive fingerprinting of public-facing components.
Scanner module
Public subdomains
Validated hostnames associated with your brand.
Planned moduleIn Development
Port scanning
Active port analysis for verified domains only.
03 / Approach
How occhira works
PASSIVE ONLY
We observe what is already public — DNS, TLS, headers, and OSINT signals. No exploitation and no authenticated access.
EXTERNAL VISIBILITY
The report reflects what someone on the internet can learn before logging in or touching your internal systems.
CLEAR POSTURE
Findings are written for owners and IT partners — severity, evidence, and practical next steps.
RESPONSIBLE SCOPE
occhira is not a penetration testing platform, red team tool, or attack framework. It is an exposure awareness product.
04 / Questions
Frequently asked questions
Straight answers about the current MVP — passive external assessments only.
occhira runs passive external checks: DNS and email records, SSL/TLS configuration, HTTP security headers, technology fingerprinting, subdomain visibility, and related public OSINT signals. It does not exploit vulnerabilities or access your internal systems.
No. occhira is a passive exposure assessment. It helps you understand what is visible from the internet and prioritise improvements — it is not a substitute for a formal penetration test or red team engagement.
Enter a domain on the homepage, start the scan, and wait for the assessment to complete. You receive a structured report with findings, severity, and recommended fixes. No account is required in the current MVP.
Yes. When a scan completes, you can download a PDF exposure report suitable for sharing with your IT partner or leadership team.
Business owners, security leads, and IT partners who need a clear picture of external exposure without running intrusive tests. Always ensure you have permission to assess the domains you scan.
Domain verification, continuous monitoring, deeper verified scans, and additional reporting features are in development. The current release focuses on one-off passive assessments and PDF export.
Still have questions?
Reach out by email while the product is in public MVP.
Product
- Passive domain scans
- Exposure PDF reports
- Monitoring — Coming Soon
Assessments
- DNS & email
- TLS & headers
- Technology & OSINT
Contact
occhira
Public Exposure Scanner
See what attackers can see.
Run a passive scan from the homepage — no account required in this MVP.
Scan a domain→Stage
Public MVP
Method
Passive only
Reports
Web + PDF
Accounts
🚧 In Development
© 2026 occhira. Passive exposure assessments only — not a penetration test.
occhira.com