Domains
The Domains page is where you manage all the domains you want Ryft to monitor and scan. Think of it as your asset inventory — every domain you add here becomes part of your attack surface that Ryft will continuously discover and test.
Adding a Domain
Domains Table
The table lists all your domains with the following information:
Domain name — The root domain you added
Status — Whether the domain has been scanned or is pending
Created date — When you added the domain
Scan status — Shows if a scan is currently running, completed, or hasn't been started yet
You can search, filter, and sort the table:
Search — Filter domains by name
Sort — Sort by name, date created, or status
Filter by date — Show domains added within a specific timeframe
Filter by status — Show only scanned or unscanned domains
Actions Per Domain
Each domain row has action buttons that let you navigate to domain-specific pages:
Scan — Opens a scan configuration dialog (see below)
View Results — Navigate to the Results Dashboard for that domain
Vulnerabilities — Jump to the Vulnerability Dashboard for that domain
Cloud Modules — Go to the Cloud Modules page for that domain
Schedule — Set up a recurring Scheduled Scan for that domain
Delete — Remove the domain and all associated data
Scan Configuration Dialog
When you click Scan, a dialog opens with two tabs:
Choose your scan mode:
Discovery Only — Runs reconnaissance modules to discover subdomains, live hosts, and other assets. This is a passive-first approach that maps your attack surface without running vulnerability tests.
Full Scan (Recon + Vulnerability Modules) — Runs discovery first, then automatically launches vulnerability testing modules against discovered assets.
If you select Full Scan, you can pick which vulnerability modules to enable.
Vulnerability Modules
General Scan — Comprehensive vulnerability testing using thousands of templates
Sensitive Files — Detects exposed configuration files, backups, and admin panels
Custom Templates — Runs your own custom vulnerability templates
SSRF — Tests for server-side request forgery
Directory Traversal — Tests for path traversal vulnerabilities
Open Redirect — Detects unvalidated redirect issues
Subdomain Takeover — Checks for dangling DNS records
JS Secrets — Scans JavaScript files for exposed API keys and tokens
XSS — Tests for cross-site scripting vulnerabilities
Hygiene Modules
DNS Security Hygiene — Checks SPF, DKIM, DMARC, and other DNS security records
TLS/SSL Hygiene — Analyzes certificate validity and cipher configuration
Security Headers — Checks for missing or misconfigured HTTP security headers
Cloud Modules
S3 Buckets — Discovers misconfigured Amazon S3 buckets
GCP Buckets — Discovers misconfigured Google Cloud Storage buckets
Cloud Asset Inventory — Comprehensive cloud infrastructure discovery
Each module shows which subscription tier is required to use it.
For a detailed explanation of what each module does, see How Scanning Works.
Authentication Header — Add custom authentication headers if your targets require them
Custom Headers — Add additional HTTP headers to include in scan requests
Rate Limiting Profile — Choose between Conservative, Moderate, or Aggressive rate limiting to control how fast scans run against your targets
Custom Templates — Select which of your custom vulnerability templates to include
Deleting a Domain
Click the delete icon next to a domain to remove it. This will permanently delete the domain and all associated data including subdomains, scan results, and vulnerability findings. A confirmation dialog will appear before deletion.