26.4 · April 18 Try free — no signup →
5★ · 41 reviews · 26.4

Find every unencrypted SSN in your files. Air-gapped. Yours forever.

PII Crawler scans your files, network shares, and databases on your own hardware. Surface the SSNs, addresses, names, and emails hiding where SaaS tools can’t reach. Nothing ever leaves your network.

Try free — no signup → $ view docs
Full trial. No credit card. Runs on your laptop or server.
piicrawler scan ~/share --out report.csv ● air-gapped
NER: en_core_web_lg · regex: 38 patterns net out: 0 B
0 B
outbound during scan
47s
avg. for 14k files
30+
PII types detected
$0
after one-time license
// the gap

You can't secure what you can't see.

PII leaks into places you never put it. The SaaS scanners marketed at you all want to ingest your files into their cloud to find PII — which is the opposite of what your security team signed up for.

.pptx
4 SSNs
Embedded source data
A "summary" chart in a board deck still ships the customer rows it was built from — buried inside the slide XML.
.csv
8,421 emails
Forgotten archives
Last quarter’s backup landed on a public share and nobody owns it. Your scanner can’t reach it from the cloud.
.png
142 names
Screenshots
Order confirmations attached to support tickets carry SSNs and addresses inside the raw image. OCR finds them.
// coverage

Sees what other
scanners miss.

Pattern matching layered with named-entity recognition. Your report isn't 80% false positives.

SSN EMAIL NAME ADDRESS PHONE IP DOB CC# IBAN PASSPORT +20
PDFs (with OCR on embedded images)
.docx, .xlsx, .pptx, legacy OLE
CSV streamed (any size)
Postgres / MySQL / SQL Serversampled in memory
SMB / NFS network shares
.zip / .tar.gz / .7z archivesopened in place
piicrawler scan-2026-04-25 · 14,302 files · 47s ● live filter
filtered in process · no re-scan net out: 0 B
ssh piicrawler --tui ● remote tui
single static binary · no agent · no daemon net out: 0 B
// remote

Easily start a scan on a remote machine with an easy-to-use TUI.

No agents to install. No daemons to register. scp a single binary over, ssh in, launch the TUI, start a scan, and review the results — all from your terminal.

  1. 01
    Copy the binary over
    scp piicrawler-cli user@host:~/
  2. 02
    SSH into the remote machine
    ssh user@host
  3. 03
    Launch the TUI and start a scan
    ./piicrawler-cli
  4. 04
    Review results in place — or export
    ./piicrawler-cli scan / --format json > report.json
// security model

Your data never leaves your network.

That's not a marketing claim. Run it offline and watch the network counter stay at zero.

verified outbound traffic during scan
tcp.out0 B
udp.out0 B
dns.queries0
tls.handshakes0
01
No outbound network calls during file scans.
Run on an air-gapped host. No license server check, no telemetry, no update probe.
02
Database scanning is sampled, in-memory.
A bounded sample is read over your direct DB connection and scanned in process — never written to disk, never transmitted elsewhere.
03
GDPR & CCPA Article 30 ready.
Export CSV reports satisfy "record of processing" and "categories of personal data" requirements out of the box.
04
No account, no API key, no SaaS.
You receive a signed binary. You own it. There is no service to be deprecated, breached, or repriced.
GDPR CCPA HIPAA-aligned SOC2 evidence
// pricing

One payment. Not a subscription.

Enterprise SaaS
$2,000+ /mo
≈ $72,000 · 3 yr
×Per-user / per-GB billing
×Data leaves your network
×Annual renewals · forever
×Dedicated procurement effort
PII Crawler APRIL · $200 OFF
$497 $697 once
save $71,500+ over 3 yr
Unlimited users · machines · scans
Air-gapped on your hardware
Binary is yours · no renewals
Mac · Windows · Linux + CLI
Expert email support, fast
Buy license → $497
14-day refund · no questions asked
// reviews

5.0 average across 41 reviews.

★★★★★ verified buyers · 41 reviews
★★★★★

"I appreciate your ongoing development of the product and super fast support!"

— Jon S.verified buyer
// FAQ

Frequently asked questions.

Yes. No monthly fees, no per-user fees, no support contracts, no renewals. You don't rent PII Crawler — you buy it. The binary is yours.
macOS (Apple Silicon), Windows, and Linux. Both a desktop GUI and a CLI build are available for each platform.
Files on local disks and network shares (PDFs with embedded images, Word, Excel, CSV, archives), plus SQL databases. Database rows are sampled and scanned in memory on the machine running PII Crawler.
SSN, email, phone, full name, street address, city / state / ZIP, date of birth, credit-card numbers, IBAN, IP, passport — plus 20+ additional types. New types ship regularly.
Yes. The CLI build emits JSON/CSV and supports --exit-code-on so a build fails automatically when high-severity matches are found. Run it from cron, GitHub Actions, GitLab CI, anywhere.
No. During file scanning, PII Crawler reads and analyzes data on the machine it's running on. It doesn't send or collect any of the data outside your network. Database scans connect directly to your DB; samples are scanned in memory and never written to disk.
The download is the demo. Fully functional, no credit card, no account. Run it on your data and decide.
14-day money-back, no questions asked.
// download

Start scanning in under a minute.

Full trial. No credit card. Runs on your laptop or server.
macOS
darwin-arm64
PIICrawler-macos.zip
Download ↓
Windows
win-x64 · signed
PIICrawler-signed.msi
Download ↓
Linux
linux-x64
piicrawler.jar
Download ↓
CLI build · for CI/CD, cron, shell automation
$ piicrawler scan ./repo --format json --exit-code-on high
macOS ↓ Windows ↓ Linux ↓