explaingit

omnitarium/scoptix

Analysis updated 2026-05-18

61TypeScriptAudience · developerComplexity · 3/5Setup · moderate

TLDR

A self-hosted dashboard that maps a domain's public footprint (subdomains, old URLs, leaked secrets) using VirusTotal and the Wayback Machine, without ever probing the target directly.

Mindmap

mindmap
  root((SCOPTIX))
    What it does
      Passive recon
      No direct probing
      Finds subdomains
      Finds leaked secrets
    Data sources
      VirusTotal
      Wayback Machine
    Tech stack
      TypeScript
      Node.js
      PostgreSQL
      Redis
    Use cases
      Bug bounty recon
      Pentest prep
      Scan comparison
    Audience
      Security analysts
      Pentesters

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Map every subdomain and archived URL a target domain has ever had.

USE CASE 2

Spot exposed API keys, tokens, or backup files in archived pages.

USE CASE 3

Compare scans over time to catch newly exposed assets.

What is it built with?

TypeScriptNode.jsPostgreSQLRedisDocker

How does it compare?

omnitarium/scoptixwesbos/syntax-supercut-studioallstarswc/allstars
Stars616160
LanguageTypeScriptTypeScriptTypeScript
Setup difficultymoderatemoderatehard
Complexity3/53/54/5
Audiencedeveloperdevelopergeneral

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Requires a VirusTotal API key and Docker for Postgres and Redis, not hardened for production exposure.

In plain English

SCOPTIX is a security research tool that helps analysts map out what is publicly visible about a web target without directly probing it. This approach is called passive reconnaissance: instead of sending requests to the target itself, the tool queries external databases that have already indexed information about it. The two data sources it uses are VirusTotal, which has a large database of subdomains and historical DNS records, and the Wayback Machine, which archives snapshots of websites over time. By combining these sources, SCOPTIX can surface the subdomains a domain has had, the URLs that were once publicly accessible, the IP addresses the domain has resolved to, and archived files that may no longer be linked from the live site. Beyond discovery, the tool analyzes what it finds. It looks for patterns that suggest exposed credentials, API keys, tokens, cloud configuration files, and sensitive documents like backups. It also tracks endpoints and authentication-related URLs in archived pages. A scan comparison feature lets you run the tool more than once and see what changed, which is useful for noticing when a new subdomain or exposed file appears. The interface is a web dashboard. You set up the tool locally, add a VirusTotal API key (the free community tier works, though it has rate limits), and then run scans through the browser. PostgreSQL and Redis are used for storage and queuing, and Docker scripts are provided to start both without manual configuration. The README is explicit that SCOPTIX is not hardened for production use and has no built-in access controls. You should run it in an isolated environment and not expose it to the public internet. It is built with TypeScript and Node.js and is intended for security analysts, bug bounty hunters, and penetration testers working on targets they are authorized to assess.

Copy-paste prompts

Prompt 1
Help me set up SCOPTIX locally with Docker and a VirusTotal API key.
Prompt 2
Walk me through running my first passive recon scan with SCOPTIX.
Prompt 3
Explain what the scan comparison feature in SCOPTIX is useful for.
Prompt 4
How do I keep SCOPTIX isolated and safe since it has no built-in access controls?

Frequently asked questions

What is scoptix?

A self-hosted dashboard that maps a domain's public footprint (subdomains, old URLs, leaked secrets) using VirusTotal and the Wayback Machine, without ever probing the target directly.

What language is scoptix written in?

Mainly TypeScript. The stack also includes TypeScript, Node.js, PostgreSQL.

How hard is scoptix to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is scoptix for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.