Docs / Running Scans

Running Scans

Configure and launch security scans against your targets

Starting a scan

  1. Click New Scan in the sidebar
  2. Choose a scan type (see below)
  3. Pick a discovery preset
  4. Select one or more targets, either from your existing targets or enter custom ones
  5. Click Start Scan

Luna will queue your scan and begin processing. You can monitor progress from the Scans page.

Note: You can only run one scan at a time per set of targets. If a scan is already in progress for the same targets, you'll need to wait for it to complete first.

Scan types

Quick Scan

Fingerprinting and known CVE detection for common vulnerability classes (CVE, SQLi, XSS, RCE). Best for a rapid overview when you need results quickly.

Comprehensive Scan

Broad fingerprinting and known vulnerability detection across all categories including misconfigurations, exposed panels, backups, and technology detection. Recommended for regular assessments. Enable Deep Scan for active testing with attack payloads (SQLi, XSS, fuzzing).

CVE-Only Scan

Fingerprinting scan focused exclusively on known CVEs (Common Vulnerabilities and Exposures). Useful when you want to check whether your targets are affected by specific published vulnerabilities.

Discovery options

Discovery presets control what Luna looks for beyond vulnerabilities:

Full Discovery

Runs port scanning and SSL/TLS analysis alongside the vulnerability scan. Gives you a complete view of exposed services and certificate status.

Vulnerability Scan Only

Skips discovery and goes straight to vulnerability checks. Faster, but you won't get port or SSL data.

Custom

Pick and choose which discovery features to enable: port scanning, SSL analysis, or both.

Port scan depth

Port scanning checks the top 1,000 most common ports, covering the vast majority of services you'd expect to find on internet-facing infrastructure.

Deep scan mode

Deep scan enables extended checks with longer timeouts, additional request patterns, and browser-based rendering. This can uncover issues that standard scans miss due to time constraints or JavaScript-rendered content. Deep scan significantly increases scan time. Available on Professional plans and above.

Important: Deep scan sends active payloads to your targets. Only scan systems you own or have explicit authorisation to test. Deep scans may trigger WAF or IDS alerts on the target infrastructure.

Viewing scan results

Once a scan completes, you can view its results from the Scans page:

  1. Click on a completed scan to expand it
  2. Use the tabs to switch between Vulnerabilities and Discovery

Each vulnerability shows its severity, a description, and remediation guidance. The Discovery tab combines all discovery data in one view: open ports and running services, and SSL/TLS certificate details and protocol versions.

You can also export the raw data for any scan using the export button.

Scheduled scans

Automate your scanning by setting up recurring schedules:

  1. Go to Scheduled Scans in the sidebar
  2. Click Create Schedule
  3. Give it a name and select your targets
  4. Choose a scan type and discovery preset
  5. Set the frequency: hourly, every few hours, daily, weekly, monthly, or a custom cron expression
  6. Click Create Schedule

Scheduled scans appear as cards showing the targets, frequency, last run status, and the next scheduled run time. You can enable, disable, edit, or delete them at any time.

Tip: Setting up a weekly comprehensive scan is a good way to maintain continuous visibility over your security posture without manual effort.
Next guide Vulnerabilities & Reports