Scantide Auditor PowerShell helps administrators understand what is actually reachable inside their own networks: hosts, web ports, service banners, TLS certificates, response titles, CMDB coverage, and evidence that can be exported into a clear HTML report.
The script is intended for administrators, security teams, infrastructure teams, and asset owners who need a practical view of internal network exposure without installing agents or running intrusive tests.
Scan approved internal ranges to see which hosts respond, which common services are reachable, and which systems may need follow-up.
Compare discovered hosts against known asset data so teams can spot missing, stale, or unexpected records.
Create HTML reports that show the facts: host, port, title, banner, TLS subject, certificate names, CMDB status, and timestamps.
Many companies have more systems online than they think. Some are old test servers, forgotten admin portals, temporary devices, printers, appliances, or servers that were never added correctly to the asset inventory. Scantide helps turn that uncertainty into a list you can actually review.
If a device is reachable but not listed in the CMDB, nobody may be responsible for patching it, monitoring it, backing it up, or removing it when it is no longer needed.
A host that only responds to HTTPS is different from a host exposing FTP, old web admin pages, remote access services, or mail protocols. The report helps you see what is actually reachable.
TLS certificates often show hostnames, service names, expiry dates, and ownership hints. This can help find forgotten systems or certificates that need renewal.
A port number alone is not always helpful. Capturing the web server title and basic response information makes it easier to identify what a service actually is.
When the scan finds something that is not in the inventory, the team can decide whether to register it, investigate it, or remove it.
The goal is not only to find things. The goal is to create evidence that helps infrastructure, operations, and security teams agree on what needs attention.
Exact checks depend on the version and options you enable, but the PowerShell auditor is designed around practical asset and service evidence.
Review IP ranges and collect response evidence from hosts that appear reachable during the scan.
Check common ports and service responses such as HTTP, HTTPS, SSH, FTP, SMTP, DNS, IMAP, POP3, and custom configured ports.
Inspect visible certificate fields such as subject, issuer, DNS names, expiry dates, and certificate mismatch clues.
Collect basic web evidence such as status, title, server header, redirects, and HTTP/HTTPS availability where available.
Mark discovered hosts as known or not found in the asset inventory when CMDB integration data is available.
Include scan date, network range, duration, and report context so results can be compared over time.
Generate a visual report that can be shared with operations teams, system owners, or audit stakeholders.
Focus on observable network and service data rather than exploitation, credential attacks, or intrusive vulnerability testing.
A finding does not automatically mean something is dangerous. It means there is evidence worth understanding. The report is designed to help teams decide what to verify, document, patch, or remove.
Run the script from a Windows machine or server that is allowed to reach the target network range. Use an account and location that match your organization’s scanning policy.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
.\ScantideAuditor.ps1 -Network 10.24.48.0/24The PowerShell script is most useful when the goal is to create a practical inventory and exposure baseline for internal networks.
Check that important systems are known, documented, and not exposing unexpected services before an external or internal review.
Run a comparison after migrations, firewall changes, segmentation work, VLAN changes, or server cleanup projects.
Find systems that exist on the network but are missing, outdated, or incorrectly represented in the asset inventory.
Find certificates that are expired, near expiry, incorrectly named, or attached to services that nobody recognizes.
Identify old services such as FTP, legacy admin pages, or unexpected mail services that may need retirement or restriction.
Create a clear report that helps different teams agree on what is known, what is unknown, and what needs action.
A good report should not just say that something was found. It should help the team understand what the finding means and what to do next.
Scantide Auditor PowerShell is built for authorized visibility. It should be used only on networks where you have permission to perform inventory and exposure review.
Run it only against networks you own, manage, or are explicitly authorized to assess.
The scanner is not intended for password guessing, brute forcing, exploitation, or bypassing access controls.
Use the report to improve asset ownership, CMDB accuracy, certificate hygiene, firewall rules, and service cleanup.
Auditor findings become more useful when they are connected to known vulnerability context and infrastructure ownership/location context. The goal is prioritization and evidence, not automatic blame.
Open ports, service banners, web titles, certificates and server headers may reveal product or version hints that can be compared with CVE information. Treat this as a pointer for follow-up: a visible version may be wrong, patched by backporting, hidden behind a proxy, or not exploitable in the local configuration.
For internal and branch-office reviews, provider, country, ASN, cloud region, mail routing and external dependencies can matter. These signals help teams understand whether systems depend on unexpected providers, regions or legal environments, especially where policy, compliance or data-residency requirements apply.
No. It is an inventory and exposure review script for authorized internal networks. It collects observable service and metadata evidence so administrators can clean up and document their environment.
No. Many open ports are normal. The important question is whether the service is expected, documented, patched, restricted, and owned by the right team.
If a system is reachable but not in the asset inventory, it can be missed by patching, monitoring, backup, lifecycle management, and incident response processes.
They help humans identify systems faster. A hostname, web title, certificate subject, or DNS name can reveal whether the service belongs to a known application, old project, appliance, or test environment.
No. It is better viewed as a visibility, inventory, and evidence tool. It can help decide where deeper vulnerability review is needed, but it is not a replacement for full vulnerability management.
Yes. The output is meant to be readable by operations, infrastructure, application owners, and asset managers. The point is to make cleanup and ownership discussions easier.
The PowerShell manual explains prerequisites, safe scanning scope, common parameters, report interpretation, CMDB comparison, troubleshooting, and recommended operating practices for internal network reviews.
Use the manual when deploying the script for the first time, explaining the report to colleagues, or standardizing how internal scans should be run and documented.
Open PowerShell manualThe guide covers how to choose a network range, understand discovered hosts, read evidence rows, compare against asset inventory, and turn findings into cleanup actions.
Scantide Auditor PowerShell focuses on internal networks. Scantide Observe focuses on website privacy and browser-visible behavior. Scantide Observe Mobile brings similar visibility to Android. Together they help explain what systems, websites, and services are doing in a way people can act on.
Scantide is split into focused tools so the right audience gets the right kind of evidence quickly. Use Observe for live website behavior, Online for public domain checks, Dashboard for monitoring, and Auditor when you need authorized internal network visibility.
For Chrome, Edge, Brave and Firefox. Shows trackers, cookies, scripts, security headers, forms, contacted hosts and browser-visible website risk while you browse.
Open Observe guideFor Android users who want to share a URL from a browser or app and understand website privacy, scripts, trackers, infrastructure and jurisdiction context on mobile.
Open Observe MobileFor quick public-domain checks. Reviews visible TLS, DNS, headers, redirects, services, provider and jurisdiction signals for a website or domain.
Run single scanFor teams that need recurring certificate and domain visibility, status views, uploaded domain lists, expiry warnings and evidence history.
Open dashboard loginFor Windows admins reviewing authorized internal networks. Finds reachable hosts, visible services, web responses, TLS clues and CMDB gaps in clear HTML reports.
Open PowerShell AuditorFor mobile field checks and quick local network visibility. Useful for Wi-Fi review, nearby network context and on-site authorized infrastructure checks.
Open Android Auditor