If you’re in the main site (https://kayran.io/), click on “LOGIN” located in the main navigation bar.

A quick Overview of Kayran
Logging In

‘Targets’ are URLs that you wish to Scan.

For example: https://mywebsite.com is a Target.

Kayran allows you to stay protected from unknown security vulnerabilities that could be “hiding” in your online assets.
Besides that, Kayran will generate a full report displaying the vulnerabilities found and how to fix them, so you can patch, upgrade and stay protected while continue doing your best work.

Kayran is able to scan and find vulnerabilities in sites that no tool can find, such as SPA sites, in addition, Kayran exploits any ZERO DAY vulnerability that exists – and most importantly the high-speed relative to the market.

No! Kayran is a tool that runs on your browser, just make sure your browser is supported and updated.

In fact, Kayran was designed to be user-friendly and easy to use even for people without technical knowledge. Introduction to Kayran’s Dashboard

Sure you can! just schedule a meeting through here, we’ll have a “Demo” meeting, showing and explaining everything about Kayran.

Kayran does not give any third-party direct or indirect access to the customer’s data except at your directive or when it’s required by law.

You can use our Support.


EULA stands for end-user license agreement. A EULA specifies in detail the rights and restrictions which apply to the use of the software. Reading and Agreeing to it means that you agree to everything written in it and that you are legally required to do so.

Kayran has a dedicated system that knows how to keep your assets secure, the systems will not fall at any stage, and the exploitation of the vulnerabilities will not harm the information or the site.

Kayran will display the targets got scanned, vulnerabilities it detected, requests and so on – only to the user/client using the server.

Every browser.

If you encounter any compatibility issues, please contact us.

No, Kayran has a special “Speed” engine which will detect when a overload is potential, and preventing it by dynamically changing the number of requests it will send.

Of course! just contact us via your given contact mail or leave a message.

There are two ways to do that:

  1. Using the Quick Scan in the Dashboard, which will create a “simple”, modifier-free scan.
  2. Using the New Scan under Scan so that we can define everything we want to be used in the scan in a more detailed way.

Yes! simply create a new Project (Projects → New Project) and then, when initiating the scan, select your desired Project (Settings → Project).

How to Associate Scans with Projects

Yes! by using our API Documentation !

Problem? no problem! simply tell us through the “Report A Problem” section found in Kayran’s main menu, or, mail us at [email protected]

Report A problem

Yes! and currently, Kayran is the only tool that can do it!

Since SPAs and MPAs are built differently, they must be treated differently.
Fortunately, Kayran is able to detect your site’s Configuration immediately after starting the scan, and thus treating it accordingly.

Of course! by using a Proxy.

Creating and Setting up Proxy Profiles

No! After initiating a Scan, as long as your Server is active, it will continue without requiring you to stay logged in. You can even turn off your device!

The vulnerabilities that Kayran has detected will be categorized according to their level of severity and the level of potential damage they may cause, when the lowest severity is Informative and the highest, is High.

If you initiate a new scan with multiple targets, they will be moved to the active scans section according to the plan you’ve purchased (if none of them will be moved, you’ve either ran out of domains or exceeded the number of active scans you’re allowed).

Queue Sub-Section


Mark the vulnerability as FalsePositive and we will check it out as soon as possible!

How to mark FalsePositive

Simple! you can create and use our highly advanced “Self Login” method.

Self Login

Yes, simply create a new Proxy using it.

Creating and Setting up Proxy Profiles

Yes! learn more about it below :

Using Shodan

You can either use your own by creating a proxy Creating and Setting up Proxy Profiles

Or, you can get one from us Requesting a Fixed IP

Yes, and you can also define certain roles for each of them.

Adding Users to your Server

There’s NO LIMIT on the number of Users you can add to your Server.

To change your personal details, use the Profile section.

Here’s how.

There are 4 Types of Roles for users in Kayran. Each with its own Privileges and Capabilities.

To learn more – Roles Explained

Yes, for more information, read our Reports section in Support


Yes, you can attach scans to projects in each stage it goes through (even after being completed).

How to Associate Scans with Projects

Yes, you can set it up in your Profile. Just toggle “On Aborted” on.

Setting up Email Notifications


Yes, you can set it up in your Profile. Just toggle “On Change Status Scan” on.

Setting up Email Notifications


Yes, you can set it up in your Profile. Just toggle “On Stop” on.

Setting up Email Notifications

Yes, you can set it up in your Profile.

Setting up Email Notifications

Yes, you can set it up in your Profile.

Setting up Email Notifications

Yes, simply navigate to the “Server Settings” and, change it there.

For more information, read here :

How to Change my Login Token

We have a number of Integration which users can use in Kayran such as Shodan and Microsoft Teams.

The Integration Support section is being updated as they are.

There are many Modifiers you can set. From the Description to the Proxy being used.

To learn more about Modifiers.

Currently, you can change the Description, Project, Speed and Level Deep (if defined manually) and Jira Project.

Use our Support to learn more.

Yes. By uploading your API’s Schema, Kayran can Scan and Detect Vulnerabilities in it.

Each Release, Kayran’s clients gets an Email listing all changes. You can also view them here.

Yes, you can do it Manually, or, you can use the Duplicate function located in the table in Scans.

Enumeration is the act of “Brute Forcing”, overloading the server by “Inserting” random Parameters and Paths used for testing.

Use it in the Crawler tab when initiating new scans.

Pay attention that enabling Enumeration Significantly extends the Scan’s Duration.


No. Unless, you mark RECURSIVE beforehand.

Yes! By using the Duration Timeout option.

There are several reasons for these events. We recommend using our Support.

If your Scans are getting ‘Aborted’ for unknown reasons, please contact us.

Simple! By using the Search option.

Simple! By using the Search option.

Make sure that you Enabled/Allowed/Whitelisted the Proxy you are using on your System.

Currently, we support Postman and Swagger schemas.