Interactive guides
Step-by-step walkthroughs for every way to run an XploitScan scan. Written so a non-technical founder can follow along without a security background.
Scan from the browser
2 min · Indie hackers, founders, anyone without a CLI
Drag a folder, paste code, or scan a public GitHub URL. Best for first scans and quick sanity checks.
Open guide →
Scan from the terminal
3 min · Developers, anyone working in a terminal already
Install the CLI with one command, scan a project locally, and read the results. No code uploaded.
Open guide →
Add the GitHub Action
5 min · Teams with CI/CD pipelines
Run a security scan on every PR, post a Critical/High/Medium/Low table comment, and upload SARIF.
Open guide →
Call the API directly
4 min · Custom integrations and build tooling
POST a JSON payload to the public scan endpoint from any CI system, custom tool, or build script.
Open guide →
Not sure which one is right for you? If you're new, start with the browser guide.
Start with the browser scanner →