Getting Started
Set up your PreBreach account and run your first AI-powered security scan in under 5 minutes.
Getting Started with PreBreach
Welcome to PreBreach. This guide walks you through the entire onboarding flow — from creating your account to viewing your first security report. The whole process takes about 5 minutes of setup, then 30-60 minutes while the scan runs automatically.
Onboarding Flow
Getting your first security assessment involves five steps:
1. Create Your Account
Sign up at prebreach.com using your email address or GitHub account. No credit card is required to create an account — you only pay when you're ready to run a scan.
After signing up, you'll land on your dashboard where you can manage domains, scans, and reports.
2. Add a Domain
Navigate to Domains in your dashboard and click Add Domain. Enter the root domain you want to scan (e.g., example.com).
example.com
PreBreach scans the entire domain including subdomains discovered during reconnaissance. You do not need to add subdomains separately.
Note: Only add domains that you own or have explicit written authorization to test. Unauthorized scanning of third-party domains violates our Terms of Service and may be illegal.
3. Verify DNS Ownership
After adding a domain, you'll receive a unique DNS TXT record to prove ownership. Add this record to your domain's DNS settings:
TXT _prebreach.example.com prebreach-verify=abc123def456
Where to add this record:
- Vercel: Project Settings → Domains → DNS Records
- Cloudflare: DNS → Records → Add Record
- Namecheap: Domain List → Manage → Advanced DNS
- GoDaddy: DNS Management → DNS Records → Add
DNS propagation typically takes 1-15 minutes. Click Verify in your dashboard once the record is in place. PreBreach will check for the TXT record and confirm ownership.
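To confirm the TXT record is visible before clicking Verify, the following added example (not PreBreach's own tooling) queries it with `dig`, which it assumes is installed; the resolver addresses and function names are choices made for this example. It also looks for the record at `_prebreach.example.com.example.com`, which is where it lands when a DNS control panel appends the zone to a fully qualified host name.

```shell
#!/bin/sh
# Added example: pre-check for the PreBreach TXT record before clicking Verify.
# The record name and value format come from the guide; the resolver list and
# function names are assumptions made for this example.

# Read `dig +short TXT` output on stdin; succeed if one record equals $1.
# dig prints each record quoted and splits long values into several
# quoted strings ("part1" "part2"), so join and unquote before comparing.
txt_matches() {
    sed -e 's/" "//g' -e 's/^"//' -e 's/"$//' | grep -Fxq -- "$1"
}

# Query one resolver for the TXT records at a name.
query_txt() {  # usage: query_txt NAME RESOLVER
    dig +short +time=3 +tries=1 TXT "$1" "@$2"
}

# Check the expected name on each resolver, and detect the case where the
# DNS control panel appended the zone to an already fully qualified host.
check_verification() {  # usage: check_verification DOMAIN VALUE
    domain=$1 value=$2 status=0
    for resolver in 1.1.1.1 8.8.8.8 9.9.9.9; do
        if query_txt "_prebreach.$domain" "$resolver" | txt_matches "$value"; then
            echo "ok       $resolver sees _prebreach.$domain"
        elif query_txt "_prebreach.$domain.$domain" "$resolver" | txt_matches "$value"; then
            echo "misnamed $resolver sees _prebreach.$domain.$domain (enter the host as _prebreach)"
            status=1
        else
            echo "missing  $resolver has no matching TXT record yet"
            status=1
        fi
    done
    return "$status"
}

# Run only when called with arguments, e.g.:
#   sh check_txt.sh example.com prebreach-verify=abc123def456
if [ "$#" -eq 2 ]; then
    check_verification "$1" "$2"
fi
```

The script exits non-zero until every listed resolver returns the exact value, so it can be re-run while waiting for propagation.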
4. Run Your First Scan
Once your domain is verified, click Start Scan from either the Domains page or the Scans page. Your scan will begin immediately and progress through five automated phases:
- Recon — Subdomain discovery, technology fingerprinting, port scanning
- Scanning — Vulnerability detection using Nuclei templates and SSL/TLS analysis
- AI Analysis — 8 specialized AI agents analyze findings with Claude Opus
- Validation — Multi-model consensus checking with GPT cross-validation
- Reporting — CVSS v4.0 scoring, grade assignment, report generation
You can monitor scan progress in real time from the scan detail page. Scans typically complete in 30-60 minutes depending on the size and complexity of your application.
5. View Your Report
When the scan finishes, your security report is available immediately. Navigate to Reports in your dashboard to view:
- Security Grade (A through F) based on overall findings
- Vulnerability breakdown organized by severity (Critical, High, Medium, Low, Info)
- Detailed findings with descriptions, evidence, and remediation steps
- CVSS v4.0 scores for each vulnerability
You can download reports in PDF, HTML, or JSON format.
Quick Start Checklist
Use this checklist to track your progress:
- Create your PreBreach account
- Add your domain from the dashboard
- Add the DNS TXT verification record
- Click Verify and confirm domain ownership
- Start your first scan
- Wait for the scan to complete (30-60 min)
- Review your security report
- Download the PDF report for your records
What's Next
How It Works
Deep dive into the 5-phase scan pipeline and the AI agents behind PreBreach.
Beta Program
Learn about the invitation-only beta program and how to get early access to PreBreach.
Domain Verification
Detailed guide on adding domains and troubleshooting DNS verification.
Understanding Reports
Learn how to read your security report, interpret grades, and prioritize remediation.
Requirements
Before you begin, make sure you have:
- A web application deployed to a publicly accessible URL
- DNS access to the domain you want to scan (for TXT record verification)
- Authorization to perform security testing on the target domain
- A payment method for your subscription plan
PreBreach works best with modern web applications built on Next.js, React, Supabase, Firebase, and Vercel, but it scans any publicly accessible web application.