26.5 · May 23 Try free — no signup →

Find every unencrypted SSN in your files. Air-gapped. Yours forever.

PII Crawler scans your files, network shares, and databases on your own hardware. Surface the SSNs, addresses, names, and emails hiding where SaaS tools can’t reach. Nothing ever leaves your network.

Try free — no signup → $ view docs
Full trial. No credit card. 14-day refund · no questions asked.
or buy now → $497 · one-time, yours forever
piicrawler scan ~/share --out report.csv ● air-gapped
NER: en_core_web_lg · regex: 38 patterns net out: 0 B
0 B
outbound during scan
47s
avg. for 14k files
30+
PII types detected
$0
after one-time license
// the gap

You can't secure what you can't see.

PII leaks into places you never put it. The SaaS scanners marketed at you all want to ingest your files into their cloud to find PII — which is the opposite of what your security team signed up for.

.pptx
4 SSNs
Embedded source data
A "summary" chart in a board deck still ships the customer rows it was built from — buried inside the slide XML.
.csv
8,421 emails
Forgotten archives
Last quarter’s backup landed on a public share and nobody owns it. Your scanner can’t reach it from the cloud.
.png
142 names
Screenshots
Order confirmations attached to support tickets carry SSNs and addresses inside the raw image. OCR finds them.
// coverage

Sees what other
scanners miss.

Pattern matching layered with named-entity recognition. Your report isn't 80% false positives.

SSN EMAIL NAME ADDRESS PHONE IP DOB CC# IBAN PASSPORT +20
PDFs (with OCR on embedded images)
.docx, .xlsx, .pptx, legacy OLE
CSV streamed (any size)
Postgres / MySQL / SQL Serversampled in memory
SMB / NFS network shares
.zip / .tar.gz / .7z archivesopened in place
piicrawler scan-2026-04-25 · 14,302 files · 47s ● live filter
filtered in process · no re-scan net out: 0 B
ssh piicrawler --tui ● remote tui
single static binary · no agent · no daemon net out: 0 B
// remote

Easily start a scan on a remote machine with an easy-to-use TUI.

No agents to install. No daemons to register. scp a single binary over, ssh in, launch the TUI, start a scan, and review the results — all from your terminal.

  1. 01
    Copy the binary over
    scp piicrawler user@host:~/
  2. 02
    SSH into the remote machine
    ssh user@host
  3. 03
    Launch the TUI and start a scan
    ./piicrawler
  4. 04
    Review results in place — or export
    ./piicrawler scan / > report.json
// use case

Prove the drive is clean before it leaves the building.

Decommissioned laptops, server disks, and backup drives walk out the door full of customer records. A factory reset or quick format isn’t proof. Scan each disk before it goes to the recycler or resale, surface any PII a wipe missed, and keep the report as your record of disposal.

  1. 01
    Scan the disk to see exactly what PII is still on it
    piicrawler scan /mnt/decom-disk-04 --out before.csv
  2. 02
    Wipe or destroy the media with your own sanitization tool
    shred / blancco / drive destruction
  3. 03
    Re-scan to confirm zero PII remains before it ships
    piicrawler scan /mnt/decom-disk-04 --out after.csv
re-scan verdict before recycle
ssn0
email0
name0
credit-card0
verdictCLEAN
// security model

Your data never leaves your network.

That's not a marketing claim. Run it offline and watch the network counter stay at zero.

verified outbound traffic during scan
tcp.out0 B
udp.out0 B
dns.queries0
tls.handshakes0
01
No outbound network calls during file scans.
Run on an air-gapped host. No license server check, no telemetry, no update probe.
02
Database scanning is sampled, in-memory.
A bounded sample is read over your direct DB connection and scanned in process — never written to disk, never transmitted elsewhere.
03
GDPR & CCPA Article 30 ready.
Export CSV reports satisfy "record of processing" and "categories of personal data" requirements out of the box.
04
No account, no API key, no SaaS.
You receive a signed binary. You own it. There is no service to be deprecated, breached, or repriced.
GDPR CCPA HIPAA-aligned SOC2 evidence
// pricing

One payment. Not a subscription.

Enterprise SaaS
$2,000+ /mo
≈ $72,000 · 3 yr
×Per-user / per-GB billing
×Data leaves your network
×Annual renewals · forever
×Dedicated procurement effort
PII Crawler MAY · $200 OFF
$497 $697 once
save $71,500+ over 3 yr
Unlimited users · machines · scans
Air-gapped on your hardware
Binary is yours · no renewals
Mac · Windows · Linux + CLI
Expert email support, fast
Buy license → $497
14-day refund · no questions asked

“I appreciate your ongoing development of the product and super fast support!”

— Jon S.
// FAQ

Frequently asked questions.

Yes. No monthly fees, no per-user fees, no support contracts, no renewals. You don't rent PII Crawler — you buy it. The binary is yours.
macOS (Apple Silicon), Windows, and Linux. Both a desktop GUI and a CLI build are available for each platform.
Files on local disks and network shares (PDFs with embedded images, Word, Excel, CSV, archives), plus SQL databases. Database rows are sampled and scanned in memory on the machine running PII Crawler.
SSN, email, phone, full name, street address, city / state / ZIP, date of birth, credit-card numbers, IBAN, IP, passport — plus 20+ additional types. New types ship regularly.
Yes. The CLI build emits JSON/CSV and supports --exit-code-on so a build fails automatically when high-severity matches are found. Run it from cron, GitHub Actions, GitLab CI, anywhere.
No. During file scanning, PII Crawler reads and analyzes data on the machine it's running on. It doesn't send or collect any of the data outside your network. Database scans connect directly to your DB; samples are scanned in memory and never written to disk.
The download is the demo. Fully functional, no credit card, no account. Run it on your data and decide.
14-day money-back, no questions asked.
// download

Start scanning in under a minute.

Full trial. No credit card. Runs on your laptop or server.
macOS
darwin-arm64 · signed
piicrawler-cli-macos-arm.zip
Download ↓
14-day refund · no questions asked
Windows
win-x64 · signed
piicrawler-cli-windows-signed.zip
Download ↓
14-day refund · no questions asked
Linux
linux-x64
piicrawler-cli-linux.tar.gz
Download ↓
14-day refund · no questions asked
First-gen builds · legacy GUI, JVM-based
superseded by the builds above — kept for existing customers
macOS ↓ Windows ↓ Linux (.jar) ↓