Submit a Scan

Automated ERC-20 risk screening.

Submit a verified token contract on Ethereum, Base, or supported testnets. Receive a private PDF report with source/proxy signals, access-control signals, holder concentration, DEX liquidity, fund-flow traces, and an engine verdict. Free during beta.

Automated tool output. Not a security audit, investment advice, or a guarantee of safety.

Chain

Token contract address

Your email

Your role

Project name (optional)

Context notes (optional)

Related contracts (optional, max 9)

Helps us scan the whole system, not just the token. Add the sale contract, vesting, treasury, governance, etc.

How did you hear about us? (optional)

I accept the Terms of Use, including eligibility and sanctions restrictions, and the Privacy Policy.

I consent to my scan being listed publicly on xcactus Scan (optional).

One primary token plus up to 9 related contracts. PDF report arrives by email when finished.

Our competence

Built by xcactus

xcactus is a software engineering company from Poznań, Poland. Since 2008, we have built reliable systems for finance, enterprise, commerce, and regulated environments.

Scan packages part of our internal Web3 and security workflow into a fast automated first-pass report. Need more than automated screening? We help with full smart-contract audits, secure Web3 product engineering, backend/cloud architecture, compliance-ready technical documentation, and AI-assisted internal tooling.

Source & proxy verification

Static analysis signals

On-chain evidence

Private PDF report

Our methodology

A reproducible scan, not a vibe-check.

Every scan runs through source/proxy checks, ERC-20 surface probes, static-analysis signals, access-control review, holder concentration, DEX liquidity, and bounded fund-flow tracing. The report separates observed facts, risk signals, coverage gaps, and engine verdicts.

Read the methodology