31 passive scan modules across 6 categories. LLM-powered attack chain correlation. BuggyOS browser workspace with Terra Vault encrypted storage. All scan requests originate from your browser — your IP, your accountability.
From URL to actionable intelligence — all inside your browser.
No server proxying. No shared IP. Scan data stays yours.
Most scanners list findings independently. TERRA ReconOS correlates: .git exposed → source code → hardcoded credentials → admin panel. That's a critical attack chain, not three Medium findings.
The expert system also flags false positives — CORS wildcards on public CDN endpoints, or rate limit headers absent because Cloudflare handles it silently. Context matters.
git clone https://target.com/.git, grep for DB_ variables, attempt phpmyadmin login.
A full desktop environment built into TERRA ReconOS. Manage findings, store secrets, run tools — no install, no setup.
End-to-end encrypted local storage layer for API keys, tokens, and credentials. Server never sees your master password or plaintext data.
Not a replacement for Burp. A smarter starting point — with a workspace built in.
| Feature | TERRA ReconOS | Nikto | Nuclei | Burp Suite Pro | Manual |
|---|---|---|---|---|---|
| Scan modules | 31 across 6 categories | ~40 checks | 1000+ templates | Active + passive | Manual |
| Setup required | Browser only | Install + CLI | Install + templates | Install + license | None |
| Scan origin IP | ✓ Your IP | Server/VPS | Server/VPS | Your IP | Your IP |
| LLM attack chain analysis | ✓ Claude Haiku | ✕ | ✕ | ✕ | ✕ |
| Browser workspace (OS) | ✓ BuggyOS | ✕ | ✕ | ✕ | ✕ |
| Encrypted secret storage | ✓ Terra Vault E2E | ✕ | ✕ | Partial | DIY |
| CT subdomain discovery | ✓ + categorized | ✕ | Template | ✕ | Manual |
| Wayback URL history | ✓ 5000 URLs | ✕ | Plugin | ✕ | Manual |
| False positive context | ✓ WAF/CORS aware | High FP | Template-dep. | Manual review | Human |
| Active vulnerability testing | ✕ Passive only | ✓ | ✓ | ✓ | ✓ |
| Cost | API key only | Free | Free | $449/yr | Free |
Scan from your browser, store locally encrypted, correlate on server. Built for accountability.
31 passive modules. AI attack chains. BuggyOS workspace.
Terra Vault encrypted storage. Everything in one platform.