Back to Home

How to Use Services

Step-by-step instructions for Pentlix's security testing tools

Getting Started

Step 1: Create Your Account

Sign up with your email address and create a secure password. You'll need to verify your email and accept our Terms of Use before accessing security testing services.

Step 2: Accept Terms of Use

You must accept our Terms of Use and confirm that you will only test systems you have explicit authorization to test.

Step 3: Choose Your Service

Navigate to your dashboard and select from 6 professional security testing services:

SMTP Spoofing

Test email authentication

Data Leak Check

Search breach databases

Mobile App Scanner

Analyze APK/IPA security

Source Code Analysis

Static code security scan

Web Vulnerability Scanner

DAST web app testing

SSL/TLS Checker

Certificate validation

Step 4: Run Your First Scan

Follow the on-screen instructions for each service. Enter your target information, configure scan parameters, and review results.

Services Guide

SMTP Spoofing Tester

Tests whether a mail server properly authenticates sender identity and implements anti-spoofing measures like SPF, DKIM, and DMARC.

How to Use:

  1. Enter the spoofed sender email address and name
  2. Provide the recipient email (must be an address you control)
  3. Write a test subject and message
  4. Submit the test and check the recipient inbox
  5. Verify if the email was delivered, marked as spam, or rejected

Data Leak Check

Searches through public data breach databases to determine if an email, username, or other identifier has been compromised.

How to Use:

  1. Enter the email address or username to search
  2. Select the appropriate search type (email, username, etc.)
  3. Click "Search Data Breaches"
  4. Review the list of breaches where data was found
  5. Follow remediation recommendations (change passwords, enable 2FA)

Mobile App Scanner

Analyzes Android (APK/XAPK) and iOS (IPA) applications for security vulnerabilities, dangerous permissions, and insecure code patterns.

How to Use:

  1. Upload your APK, XAPK, or IPA file (max 100MB)
  2. Wait for the analysis to complete (1-3 minutes)
  3. Review the security score and identified issues
  4. Examine dangerous permissions and vulnerable libraries
  5. Implement recommended fixes before release

Source Code Analysis

Performs static application security testing (SAST) on source code to identify vulnerabilities, hardcoded secrets, and insecure coding patterns.

How to Use:

  1. Package your source code in a ZIP or RAR archive (max 100MB)
  2. Upload the archive to the scanner
  3. Wait for static analysis to complete
  4. Review findings: SQL injection, XSS, hardcoded credentials, etc.
  5. Remediate issues before deploying to production

Web Vulnerability Scanner

Comprehensive dynamic application security testing (DAST) that actively scans web applications for vulnerabilities like SQL injection, XSS, CSRF, and security misconfigurations.

How to Use:

  1. Enter the target URL (must have authorization to scan)
  2. Click "Start Vulnerability Scan" to initiate
  3. Save the Target ID provided (scans take 5-30 minutes)
  4. Use "Check Results" tab to monitor scan progress
  5. Review detailed findings, CVEs, and remediation steps when complete

SSL/TLS Checker

Evaluates SSL/TLS configuration, certificate validity, supported protocols, cipher strength, and known vulnerabilities like Heartbleed or POODLE.

How to Use:

  1. Enter the domain or full HTTPS URL
  2. Click "Start SSL/TLS Check"
  3. Wait for the scan to complete (30-90 seconds)
  4. Review certificate details, expiration dates, and chain validity
  5. Check for weak ciphers, deprecated protocols, and vulnerabilities
  6. Implement recommendations to improve security posture