Scanning through a FirewallIf you need to scan through a firewall or allow Tinfoil to access your staging servers, you may do so by whitelisting our scanner endpoint. Requests from our scanner appear to originate from a single endpoint: scanner.tinfoilsecurity.com . The IP address for this endpoint is static and always set to 18.104.22.168 .
The scanner endpoint may resolve to an AWS-internal IP address if performing a scan that stays within AWS's datacenters. The most accurate AWS-internal IP address can be always found by manually resolving scanner.tinfoilsecurity.com from within AWS, but please note that the AWS-internal IP is not guaranteed to stay constant within AWS and should be refreshed often.
If you'd like to whitelist our security group to access your website, you can use the following information to do so:
AWS Account Id: 053417869307
Security Group Id: sg-1c090974
For more complex scanning, you can check out Tinfoil's Bifrost (SSH tunnel solution) here. We also have a fully managed Virtual Appliance available for our enterprise customers. Contact our support team for more information on either option.