Professional Android Security Tool

Scan. Detect.
Exploit Smarter.

AltMAP brings professional-grade CVE vulnerability scanning to your Android device. Search through 10,000+ attack templates, fingerprint services, and confirm blind exploits via OOB — all from your pocket.

Get on Google Play See Features →

10,000+ Templates

CVE Database

OOB Detection

Fofa API

∞ Missions

Latest Detection

CVE-2021-41773

CRITICAL Apache 2.4.49

AltMAP Vulnerability Search screen showing CVE list with 2984 results

OOB Callback

✓ Confirmed

SSRF on 10.0.0.5:8080

Templates Loaded

2,984 CVEs

CRITICAL HIGH MED

[OPEN] 192.168.1.10:80 — Apache 2.4.49 [CVE-2021-41773] Path Traversal/RCE — Severity: CRITICAL [SCAN] 172.16.0.0/24 — 255 hosts — 8 threads [CVE-2022-26134] Confluence OGNL RCE — Severity: CRITICAL [OOB] Callback received — SSRF confirmed on 10.0.0.5:8080 [CVE-2023-44487] HTTP/2 Rapid Reset — Severity: HIGH [FOFA] Fingerprint — Nginx 1.18 — 142 results [CVE-2021-26855] Exchange ProxyLogon — Severity: CRITICAL [OPEN] 192.168.1.10:80 — Apache 2.4.49 [CVE-2021-41773] Path Traversal/RCE — Severity: CRITICAL [SCAN] 172.16.0.0/24 — 255 hosts — 8 threads [CVE-2022-26134] Confluence OGNL RCE — Severity: CRITICAL [OOB] Callback received — SSRF confirmed on 10.0.0.5:8080 [CVE-2023-44487] HTTP/2 Rapid Reset — Severity: HIGH [FOFA] Fingerprint — Nginx 1.18 — 142 results [CVE-2021-26855] Exchange ProxyLogon — Severity: CRITICAL

Core Capabilities

Everything you need in the field

From TCP port scanning to OOB exploit detection — enterprise-grade security tooling, mobile-native.

⚡

Multithreaded TCP Port Scanner

Scan large networks and IP ranges with thread-optimised engines. Cover entire subnets in seconds with configurable thread pools.

🌐

HTTP Page Fetcher

Auto-fetch and fingerprint HTTP pages from discovered hosts. Identify server software, versions, and exposed services.

🛡️

CVE Scanner + Assisted Detection

Search and run 10,000+ mobile HTTP-based CVE templates. Guided assisted mode helps beginners choose the right checks.

📡

Local & Remote Targets

Scan devices on your local Wi-Fi or any internet-reachable IP/domain. No VPN or desktop required.

🛰️

OOB Exploit Detection

Confirm blind SSRF, command injection, and XXE via secure callbacks to the AltMAP-owned OOB server. Zero data collected.

🔁

Custom Missions & Parallel Execution

Define named scan missions and run them simultaneously with isolated thread pools. Full strategic control, zero blocking.

Latest Release

What's new in AltMAP

Continuous improvements driven by real-world pentest feedback and community CVE submissions.

📦

10,000+ Attack Templates

Massive library expansion covering every major platform — web servers, frameworks, IoT, and cloud APIs.

🤖

Assisted Scanning Mode

Intelligent guided workflow helps new users pick templates, severity levels, and targets step-by-step.

📊

Improved Summary Screen

Rich post-scan view with severity breakdowns, CVE timelines, host maps, and exportable reports.

🔍

Fofa.info API Integration

Discover and enumerate internet-facing assets directly in-app using the Fofa search API.

🌐

Auto Fingerprinting

Local WebView + Cloudflare HTML/JS fetch engine for fast, accurate service identification.

⚡

Performance Improvements

Smarter thread scheduling and memory management for long, stable sessions on mobile hardware.

Who It's For

Built for security professionals

In the field, at the office, or in the lab — AltMAP adapts to your workflow.

🕵️

Penetration Testers

Rapid recon, CVE validation, and OOB blind exploit confirmation on client engagements.

🔐

Security Engineers

Assess your own infrastructure for known vulnerabilities before attackers do.

🖥️

System Administrators

Quickly identify exposed services and misconfigurations on your local network.

🎓

Cybersecurity Researchers

Template-driven CVE testing with deep customisation for controlled research environments.

🔒 Offline & Privacy-First

AltMAP processes all scan data locally on your device. Some advanced CVE checks initiate a minimal, encrypted connection to our OOB server — solely to confirm exploit callbacks. No personal data is ever collected or shared.

All scan results stored locally on-device
No personal or user data collected or shared
OOB callbacks use isolated encrypted connections
Works fully offline for standard CVE checks
No account or registration required
Transparent about all network activity

Scan. Detect. Exploit Smarter.