Scorpion Security Platform v1.0 — Now Available

One Platform.
12 Security Tools.
Free to Start.

The all-in-one Linux penetration testing platform built for serious security professionals. Start free with 4 tools — upgrade to Pro for unlimited access to all 12.

Download Free → Explore All 12 Tools

No credit card required · Linux only (.deb / .rpm / AppImage) · Install in under 60 seconds

scorpion — bash
$ scorpion license activate SCRPN-A7K2M-P9QRT-X3VNW-GK8E
License valid · Plan: PRO · 2 devices · Expires 2027-04-30
Hardware fingerprint registered
$ scorpion status
portal online :3001 scorpionsec
license-server online :27500
owasp-scanner online :4000
server-scan online :9000
venomcraft online :25001
+9 more tools ready
12
Integrated Tools
100%
Linux Native
<90s
Deploy Time
24/7
License Control
Platform Features

Built for security professionals

Not another wrapper around existing tools. A fully integrated platform designed from the ground up for real-world pentesting workflows.

🔍

Unified Dashboard

Aggregate scan results from all 12 tools in one real-time view. CVE trends, CVSS scores, severity breakdowns, and remediation priority — at a glance.

🔐

Hardware-Bound Licensing

HMAC-signed keys, Ed25519 payload signatures, and CPU/motherboard fingerprinting. Remote revocation and kill-switch if a key is compromised.

Native Linux App

Single .deb or .rpm install — no Docker, no VM, no dependencies. Tauri-based desktop UI with Rust backend. Ubuntu, Kali, Fedora, RHEL all supported.

📄

Compliance Reporting

Generate auditor-ready PDF and HTML reports for OWASP Top 10, PCI-DSS, HIPAA, and NIST. Export findings with evidence, CVSS scores, and remediation steps.

🤖

AI-Powered Analysis

Claude API integration for automated attack chain generation, scan result analysis, and post-exploitation guidance. Pro and Enterprise plans included.

🔄

Staged Auto-Updates

Signed update packages with SHA256 verification, staged rollout (10% → 50% → 100%), automatic rollback, and real-time heartbeat monitoring.

12 Tools Included

Every tool a pentester needs

Production-grade scanners, OSINT engines, and exploitation frameworks — integrated in one licensed package.

01

OWASP Scanner

Web app vulnerability scanning — SQL injection, XSS, CSRF, auth flaws. OWASP Top 10 mapped findings.

02

Server Scanner

Deep port scanning, service enumeration, CVE detection. Nmap + vulnerability DB.

03

API Security Audit

REST/GraphQL security testing. Auth bypass, injection attacks, rate limiting flaws, IDOR detection.

04

BruteForce Pro

Dictionary and hybrid attacks — SSH, FTP, HTTP Basic, custom services. Hydra-powered with smart throttling.

05

Maltego OSINT

Domain recon, email harvesting, social graphs. Shodan, WHOIS, DNS and certificate transparency integration.

06

VenomCraft

Payload generation for authorized engagements. msfvenom-compatible with evasion options and listener setup.

07

Phishing Studio

Authorized phishing simulations with real-time click/credential tracking and employee awareness metrics.

08

MetaUI

Graphical Metasploit interface. Manage sessions, payloads, modules, and post-exploitation from a unified UI.

09

OSINT Platform

Passive intelligence gathering. Shodan, HaveIBeenPwned, Censys, email harvesting with graph visualization.

10

WebProxy Pro

mitmproxy-based HTTP/HTTPS intercept. Live request editing, replay, injection, and traffic export.

11

MetaHarvest

Metadata extraction from documents, images, and binaries. EXIF, GPS, author info, and hidden properties.

12

Network Spoof

ARP spoofing, DNS poisoning, MAC flooding for internal assessments. Raw socket, requires root privileges.

Pricing

Simple, transparent pricing

Start free. Upgrade to Pro when you need the full arsenal.

Free
$0 / forever
No credit card. No license key.
  • WebProxy — unlimited
  • OWASP Scanner — 1× / day
  • Server Scanner — 1× / day
  • Maltego OSINT — 1× / day
  • Remaining 8 tools
  • Unlimited scans
  • Scan scheduling
Download Free
Full Access
Pro
$49/mo
  • All 12 security tools
  • Unlimited scans — no caps
  • Scan scheduling (cron)
  • BruteForce Pro, MetaUI, VenomCraft
  • Phishing Studio, Network Spoof
  • OSINT Platform, RedForce
  • 1 device (HW-locked) · Email support

14-day money-back guarantee. Full comparison →

Trusted By

What security professionals say

★★★★★

"Finally, a platform that combines everything I need. Replaced four separate tools with Scorpion. The unified dashboard saves me hours every engagement."

AK
Alex K.
Senior Penetration Tester, OSCP
★★★★★

"The compliance reporting alone justifies the price. Clients appreciate the professional PDF reports with CVSS scores and clear remediation steps."

SM
Sara M.
Security Consultant, CISSP
★★★★★

"Native .deb, zero dependencies. Installed in 90 seconds. Hardware-bound licensing and Ed25519-signed payloads give real confidence in the security model."

JR
James R.
Red Team Lead
FAQ

Frequently asked questions

What Linux distributions does Scorpion support?
+
Scorpion is distributed as a native .deb, .rpm, and AppImage. Tested on Ubuntu 20.04+, Debian 11+, Kali Linux 2023+, Fedora 38+, and RHEL/CentOS 8+. No Docker required. Minimum 4 GB RAM, 10 GB disk space.
How does the license work?
+
After purchase you receive an HMAC-signed license key (SCRPN-XXXXX-XXXXX-XXXXX-XXXXX format). Enter it in the app under Settings → License. The platform validates against our license server, creates a hardware fingerprint (CPU + motherboard + disk), and issues a JWT for tool access. Pro licenses support 1 device at a time — you can deactivate and move to another machine at any time.
Can I use Scorpion offline?
+
Local tools (Nmap, Hydra, mitmproxy, msfvenom) work fully offline. Server-side features such as AI analysis and real-time CVE matching require connectivity. License validation is cached for 6 hours — the app works offline within that window. After 96 hours offline, the app pauses until it can reconnect.
Is Scorpion legal to use?
+
Scorpion is designed exclusively for authorized security testing — on systems you own or have explicit written permission to assess. Unauthorized use violates our Terms of Service and applicable law. All penetration testing and exploitation tools display authorization prompts and require explicit confirmation.
What data do you collect?
+
We collect: hardware fingerprint (SHA-256 hashed, non-reversible), IP address, hostname, app version, and usage metrics (scan counts per tool). This is used solely for license enforcement and fraud detection. We never access your scan targets, findings, or results. See our Privacy Policy for full details.
What is the refund policy?
+
We offer a 14-day money-back guarantee on Pro. Email support@scorpion.mentoroogway.uz within 14 days of your first payment for a full refund, no questions asked. Paddle processes all payments as Merchant of Record — VAT and sales tax are handled automatically.
Get Started

Start free. No limits on time.

Download Scorpion and use 4 tools immediately — no account, no credit card. Upgrade to Pro anytime for full access to all 12 tools.

Download Free → See Pro pricing Contact us