New in Scorifya: attack-surface mapping, supply-chain checks, and subdomain-takeover monitoring
Scorifya can now map every subdomain your domain has ever exposed, flag the hijackable ones, catch compromised third-party scripts, outdated libraries, and exposed source maps, check your domain reputation, and monitor watched domains for takeovers. Here is everything new and how to use it.
What's new
Over the last few weeks Scorifya grew from a single hardening score into a wider map of what your site exposes. This post rounds up four additions: passive attack-surface mapping, three new exposure checks in the scan engine, a domain reputation lookup, and continuous attack-surface monitoring for Pro.
All of it stays true to the same principle as the original score. Nothing here probes, brute-forces, or logs in. It reads public signals, the same ones an attacker would start from, and tells you what they reveal.
Map your attack surface
Most breaches start with something you forgot you had. A staging subdomain, an old marketing microsite, a service you spun up once and never decommissioned. The new attack surface checker finds them. Enter a domain and it lists every subdomain that has ever appeared in a publicly logged certificate for that domain. One caveat worth knowing: a wildcard certificate names no host, so a subdomain that only ever sat behind a wildcard will not surface this way.
Then it flags the dangerous ones: subdomains whose DNS still points at a service that has been torn down, which an attacker can often re-register and then serve content from under your name. That is a subdomain takeover, and it is one of the most common ways a trusted domain gets hijacked.
It is free, needs no signup, and is passive. It reads public certificate transparency logs and confirms each finding only against that subdomain itself, never the rest of your setup.
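The two steps described above, as an added example that is not Scorifya's own code: pull host names out of a certificate transparency dump and then classify each one by what its DNS points at. The CT records, DNS answers and HTTP bodies are constructed fixtures embedded below so the script runs offline; in real use the CT input comes from a query such as https://crt.sh/?q=%25.example.com&output=json and the two lookups are a DNS resolver and a plain GET. The provider table is an illustrative subset, with fingerprints as documented in the public can-i-take-over-xyz project.

```python
import json

# Constructed sample in the shape crt.sh returns for
# https://crt.sh/?q=%25.example.com&output=json. One certificate can cover
# several names, newline-separated in "name_value"; casing varies; wildcard
# entries name no host. A lookalike outside the zone is included on purpose.
SAMPLE_CT_JSON = json.dumps([
    {"name_value": "www.example.com\nexample.com"},
    {"name_value": "staging.example.com"},
    {"name_value": "*.example.com"},
    {"name_value": "promo.example.com\nWWW.Example.com"},
    {"name_value": "shop.example.com\ncdn.example.com"},
    {"name_value": "example.com.attacker.test"},
])

# Provider CNAME suffixes whose targets can be claimed by anyone, with the
# body each provider serves when no tenant owns the target (fingerprints as
# documented in the public can-i-take-over-xyz project). Illustrative subset.
TAKEOVER_PROVIDERS = {
    ".github.io": "There isn't a GitHub Pages site here.",
    ".herokuapp.com": "No such app",
    ".s3.amazonaws.com": "NoSuchBucket",
}

# Constructed DNS answers: ("A", ip) or ("CNAME", target); a missing key is
# NXDOMAIN. Constructed HTTP bodies keyed by hostname; missing means no reply.
SAMPLE_DNS = {
    "example.com": ("A", "203.0.113.10"),
    "www.example.com": ("A", "203.0.113.10"),
    "staging.example.com": ("CNAME", "old-app.herokuapp.com"),   # target gone
    "promo.example.com": ("CNAME", "acme-promo.github.io"),
    "acme-promo.github.io": ("A", "203.0.113.70"),
    "shop.example.com": ("CNAME", "shop-example.s3.amazonaws.com"),
    "shop-example.s3.amazonaws.com": ("A", "203.0.113.60"),
    "cdn.example.com": ("CNAME", "cdn.example-old.test"),         # target gone
}
SAMPLE_HTTP = {
    "promo.example.com": "<h1>There isn't a GitHub Pages site here.</h1>",
    "shop.example.com": "<h1>Welcome to the shop</h1>",
}


def subdomains_from_ct(ct_json, domain):
    """Normalise the CT dump to a sorted, de-duplicated list of in-zone hosts."""
    names = set()
    for entry in json.loads(ct_json):
        for raw in entry["name_value"].split("\n"):
            name = raw.strip().lower()
            if name.startswith("*.") or "@" in name:
                continue
            # Suffix match, not substring: keeps example.com.attacker.test out.
            if name == domain or name.endswith("." + domain):
                names.add(name)
    return sorted(names)


def classify(subdomain, resolve, fetch):
    """resolve(name) -> record tuple or None; fetch(host) -> body or None.
    Both are injected so the check stays passive and runs against fixtures."""
    record = resolve(subdomain)
    if record is None:
        return "nxdomain"            # stale entry, but nothing to take over
    kind, target = record
    if kind != "CNAME":
        return "ok"
    for suffix, fingerprint in TAKEOVER_PROVIDERS.items():
        if target.endswith(suffix):
            if resolve(target) is None:
                return "hijackable"  # provider name unregistered: claim it
            if fingerprint in (fetch(subdomain) or ""):
                return "hijackable"  # provider says no tenant owns it
            return "ok"
    # CNAME to a non-provider target that no longer resolves: dangling;
    # hijackable only if that target's domain itself can be registered.
    return "ok" if resolve(target) is not None else "dangling"


def map_attack_surface(ct_json, domain, dns=SAMPLE_DNS, http=SAMPLE_HTTP):
    return {name: classify(name, dns.get, http.get)
            for name in subdomains_from_ct(ct_json, domain)}


if __name__ == "__main__":
    for name, status in map_attack_surface(SAMPLE_CT_JSON, "example.com").items():
        print(f"{status:11} {name}")
```

The suffix check in `subdomains_from_ct` matters: a substring match would pull in lookalike names such as example.com.attacker.test that appear in CT logs for other people's certificates. The "dangling" result is kept separate from "hijackable" because a CNAME to a dead target outside a known provider is only exploitable if the target's domain itself can be registered.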
Three new exposure checks in every scan
The full scan now runs three additional checks, each surfaced automatically in your results:
**Compromised third-party scripts.** If your page loads a script from a source tied to a known supply-chain compromise, the scan flags it as critical. The reference case is the polyfill.io incident of 2024, in which a widely embedded script began serving malicious code after the domain changed hands. Hundreds of thousands of sites still load it.
**Outdated client-side libraries.** The scan reads the version straight from the script URL your page already loads and flags versions with known vulnerabilities, starting with jQuery below 3.5.0, the release that fixed the htmlPrefilter cross-site-scripting bugs (CVE-2020-11022 and CVE-2020-11023). Because the version comes from the URL, a copy served under an unversioned filename or bundled into another file is not caught by this check.
**Exposed source maps.** A publicly reachable source map lets anyone rebuild your original, un-minified source, including comments, internal logic, and sometimes secrets. The scan checks whether the source maps for your own scripts are publicly reachable and flags them when they are.
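The three checks above, as an added example that is not Scorifya's scan engine: collect the script URLs from a page, match hosts against a compromised-source list, read a jQuery version out of the URL and compare it numerically, and probe for a source map through the script's sourceMappingURL comment or the conventional `.map` neighbour. The page HTML and the responses for its first-party scripts are constructed fixtures so the block runs offline; the `fetch` argument stands in for an HTTP GET, and the compromised-host set and version table are illustrative, not a full database.

```python
import json
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Hosts tied to a known supply-chain compromise (polyfill.io, 2024).
COMPROMISED_HOSTS = {"polyfill.io", "cdn.polyfill.io"}
# Oldest safe release per library; jQuery 3.5.0 fixed the htmlPrefilter XSS
# bugs CVE-2020-11022 and CVE-2020-11023.
MIN_SAFE = {"jquery": (3, 5, 0)}
# Matches both "jquery-3.4.1.min.js" and cdnjs-style ".../jquery/3.4.1/...".
JQUERY_RE = re.compile(r"jquery[-/](\d+)\.(\d+)\.(\d+)", re.I)
SOURCEMAP_RE = re.compile(r"//[#@]\s*sourceMappingURL=(\S+)")

# Constructed page and constructed responses for its first-party scripts.
SAMPLE_PAGE_URL = "https://example.com/"
SAMPLE_HTML = """<html><head>
<script src="https://cdn.polyfill.io/v3/polyfill.min.js"></script>
<script src="https://code.jquery.com/jquery-3.4.1.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.21/lodash.min.js"></script>
<script src="/static/app.min.js"></script>
<script src="/static/vendor.min.js"></script>
</head><body></body></html>"""
SAMPLE_RESPONSES = {
    "https://example.com/static/app.min.js":
        "!function(){}();\n//# sourceMappingURL=app.min.js.map",
    "https://example.com/static/app.min.js.map":
        json.dumps({"version": 3, "sources": ["src/app.js"], "mappings": "AAAA"}),
    "https://example.com/static/vendor.min.js": "!function(){}();",
    # no vendor.min.js.map entry: the guessed URL is not reachable
}


class ScriptCollector(HTMLParser):
    """Collects src attributes of <script> tags in the static markup only;
    scripts injected at runtime are invisible to this pass."""
    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.srcs.append(src)


def script_urls(html, page_url):
    parser = ScriptCollector()
    parser.feed(html)
    return [urljoin(page_url, s) for s in parser.srcs]


def is_source_map(body):
    """A real map is a JSON object carrying "sources" and "mappings"."""
    try:
        doc = json.loads(body)
    except ValueError:
        return False
    return isinstance(doc, dict) and "mappings" in doc and "sources" in doc


def check_scripts(html, page_url, fetch):
    """fetch(url) -> body text, or None when the URL is not reachable.
    Returns (severity, finding, url) tuples."""
    findings = []
    page_host = urlparse(page_url).hostname
    for url in script_urls(html, page_url):
        host = urlparse(url).hostname or ""
        if host in COMPROMISED_HOSTS:
            findings.append(("critical", "compromised-third-party-script", url))
        m = JQUERY_RE.search(url)
        if m:
            # Compare as integer tuples so 3.10.0 sorts above 3.5.0.
            version = tuple(int(x) for x in m.groups())
            if version < MIN_SAFE["jquery"]:
                label = "outdated-jquery " + ".".join(map(str, version))
                findings.append(("high", label, url))
        if host != page_host:
            continue                      # source maps: first-party scripts only
        body = fetch(url) or ""
        m = SOURCEMAP_RE.search(body)
        if m and m.group(1).startswith("data:"):
            findings.append(("medium", "exposed-source-map", url))  # map inlined
            continue
        candidate = urljoin(url, m.group(1)) if m else url + ".map"
        sm = fetch(candidate)
        if sm is not None and is_source_map(sm):
            findings.append(("medium", "exposed-source-map", candidate))
    return findings


if __name__ == "__main__":
    for finding in check_scripts(SAMPLE_HTML, SAMPLE_PAGE_URL, SAMPLE_RESPONSES.get):
        print(*finding)
```

Two details carry the weight here: the version is compared as a tuple of integers rather than as a string, and a `.map` candidate only counts as a finding when the response actually parses as a source map, so a catch-all 200 page does not produce a false positive.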
Check your domain reputation
The new domain reputation checker answers two questions that quietly decide whether your email and your brand are trusted: are your mail servers' IP addresses listed on major DNS-based email blocklists, and is your site flagged as dangerous by Google Safe Browsing. Both are free to check and take a few seconds.
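How the blocklist half of that check works under the hood, as an added example rather than Scorifya's own code: a DNS-based blocklist is queried by reversing the address and looking it up under the list's zone, and a listing comes back as an A record inside 127.0.0.0/8. The MX and A answers below are constructed fixtures so the block runs offline; a real run would use a DNS library (for example dnspython) for `resolve_mx` and `resolve_a`. It assumes the MX hosts are also the hosts that send your mail, which is not true for every setup. The Safe Browsing half is a keyed API call and is not reproduced here.

```python
import ipaddress

# Two widely used DNS-based blocklists; the technique is the same for any
# zone that follows this convention (illustrative, not exhaustive).
DNSBL_ZONES = ["zen.spamhaus.org", "bl.spamcop.net"]

# Constructed DNS fixtures. Real DNSBLs answer an A record inside 127.0.0.0/8
# when the address is listed and NXDOMAIN (here: missing key) when it is not.
SAMPLE_MX = {"example.com": ["mail1.example.com", "mail2.example.com"]}
SAMPLE_A = {
    "mail1.example.com": ["203.0.113.25"],
    "mail2.example.com": ["203.0.113.26"],
    # 203.0.113.26 listed: 127.0.0.4 falls in Spamhaus's XBL return-code range
    "26.113.0.203.zen.spamhaus.org": ["127.0.0.4"],
    # 203.0.113.25: the query was refused rather than answered. Spamhaus
    # returns 127.255.255.254 for lookups arriving via a public resolver.
    "25.113.0.203.zen.spamhaus.org": ["127.255.255.254"],
}

LISTED_RANGE = ipaddress.ip_network("127.0.0.0/8")
ERROR_RANGE = ipaddress.ip_network("127.255.255.0/24")   # Spamhaus error codes


def dnsbl_query_name(ip, zone):
    """Build the reversed-address query name: octets for IPv4, nibbles for
    IPv6, exactly as for in-addr.arpa / ip6.arpa."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        parts = reversed(str(addr).split("."))
    else:
        parts = reversed(addr.exploded.replace(":", ""))
    return ".".join(parts) + "." + zone


def blocklist_status(ip, zone, resolve_a):
    """resolve_a(name) -> list of A record strings, or None for NXDOMAIN."""
    raw = resolve_a(dnsbl_query_name(ip, zone)) or []
    hits = [a for a in map(ipaddress.ip_address, raw) if a in LISTED_RANGE]
    if not hits:
        return "not-listed"
    if all(a in ERROR_RANGE for a in hits):
        return "error"          # check failed; report neither clean nor listed
    return "listed"


def check_mail_servers(domain, resolve_mx, resolve_a, zones=DNSBL_ZONES):
    """Status per mail-server IP per zone: {ip: {zone: status}}."""
    report = {}
    for mx in resolve_mx(domain) or []:
        for ip in resolve_a(mx) or []:
            report[ip] = {zone: blocklist_status(ip, zone, resolve_a)
                          for zone in zones}
    return report


if __name__ == "__main__":
    for ip, per_zone in check_mail_servers("example.com", SAMPLE_MX.get, SAMPLE_A.get).items():
        print(ip, per_zone)
```

The separate "error" state is the practitioner's caveat: some lists answer refused or rate-limited queries with a code in 127.0.0.0/8, and a naive "any answer means listed" check would report a false listing, while "no answer means clean" would hide a real one.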
Continuous attack-surface monitoring (Pro)
Finding a hijackable subdomain once is useful. Knowing the moment a new one appears is what actually protects you, because your attack surface changes every time someone ships. Pro now watches the attack surface of your watched domains and emails you when a new subdomain shows up or an existing one becomes hijackable.
It runs automatically on the domains you already watch. There is nothing extra to configure: add a domain to your watch list, and the monitoring covers it.
Try it
Start with your own domain in the attack surface checker, then run the full Scorifya scanner to see the new exposure checks in your score. If you want the monitoring to keep watching after that, Pro includes a free 7-day trial with no card required.
Try a scan on scorifya.com, read how we score, or see Pro for unlimited scans and exports.