WINDOWS ARTIFACT SCANS

Screenshare checks,
backed by data

Shaher collects BAM, Prefetch, memory-backed paths, DNS cache, signatures, and other host signals—then ships one report per scan to your dashboard.

Open dashboard See coverage
ShaherScan.exe
650+
Cheat Signatures
15+
Scan Sources
<0.1%
False positives (goal)
600+
Memory Patterns
Coverage

What the scanner pulls

Built for FiveM / PC screenshare workflows: one binary, many artifact sources, one structured report.

Host artifacts

BAM, Prefetch, PcaSvc, DiagTrack, AppInfo, selected registry hives—queried in one pass.

Memory-backed strings

Reads from PcaSvc, DiagTrack, DNS cache, and LSASS where configured—useful for domains and paths that never hit disk cleanly.

Code signing

Authenticode / catalog checks on binaries we surface, plus flags for mismatched or suspicious signatures.

PINs & sessions

Each run is keyed with a disposable PIN or session id. Reports land only on the owning license.

USB history

Lists storage devices seen by Windows with first/last attach times when the OS recorded them.

Dashboard

Scan list, simple charts, and detection tags so staff can compare machines without digging through raw logs.

Workflow

How a scan runs

Staff issues a link; the player runs the exe; you read the report online.

1

Account & license

Register, sign in, paste the license you were given.

2

New session

From the dashboard, create a session and copy the download link.

3

On the target PC

They download ShaherScan, run as admin, enter the code when asked.

4

Report

The upload attaches to your license; open it from Scan history when it appears.

Pricing

Plans

Pick what fits your server size; upgrade if volume grows.

Starter

One license key, full scanner build, dashboard, and stored scan history.

Get Started

Pro

Higher scan volume, richer charts, longer retention. Pricing on request.

Sign Up

Enterprise

Custom quotas, integrations, and support terms—talk to us for a quote.

Contact
Docs

Quick reference

Login · Dashboard · New session · Send link · Player runs ShaherScan · Report shows under your license.

1

Access

Use Login or Sign up in the header. The dashboard loads after authentication.

2

Dashboard

Enter the license key if prompted, then use New session to mint a link and code.

3

Scan & report

Pass the link to the person being checked. When the upload finishes, the scan row appears—open it for the full HTML report.

FAQ

Frequently Asked Questions

Why Shaher?

It automates the boring part of a screenshare: artifact dumps, signing checks, and cheat/threat string hits in one report.

Supported OS

Windows 7 through 11. Admin rights are required so the collector can read protected locations.

Where are my scans?

Dashboard → Scan history. Each row opens the report for that machine in a new tab.

Need an account?

Sign up, drop in your license, and issue the first session in a few minutes.

Get Started