About Menscan

Security scanner for Mendix applications.

The Story

I built Menscan because I kept doing the same manual checks on every Mendix pentest. General scanners don't understand how Mendix works, the session structure, entity exposure, common misconfigurations.

So I automated it. Extract session metadata, check for demo users, look for secrets in constants, map the domain model. Menscan does all that and shows you what matters.

Use it for pentests, bug bounties, or just to see what your Mendix app is exposing.

SUPERP logo

Sponsored by SUPERP

Supporting security tools

SUPERP lets me work on Menscan during company time. That's how I can keep adding features and fixing bugs.

Without their support, this would be a weekend project. Thanks to them, it's actually useful.

Support the Project

Menscan is free. If it helps you, consider buying me a coffee.

☕ Buy Me a Coffee