free security tools
← Back to tools

Web Auditor

Security audit for any URL. Checks 10 categories: DNS, email security, WAF detection, tech stack, SRI, mixed content, form security, iframe analysis, base tag, and HTML comments. Generates a PDF-ready report with prioritized recommendations. Note: header-based checks (SSL, redirects) require running curl directly.

Enter a URL and click Run Audit. The audit checks DNS, email security, SRI, mixed content, form security, iframes, base tag, HTML comments, tech stack, and page meta. Results include a full report with prioritized recommendations. Use the Print button to export as PDF.

What is Web Auditor?

Full website security audit: DNS, email security, SRI, mixed content, form security, iframe analysis, tech stack detection, and more.

Security Guide

Audit scope
Checks 10 categories client-side: DNS, email, WAF, SRI, mixed content, forms, iframes, base tag, comments
Mixed content
Update all HTTP resources to HTTPS — browsers block/warn about mixed content
Subresource Integrity (SRI)
Add SRI hashes to external scripts/stylesheets → CSP Hash Generator
HTML comment leaks
Remove sensitive HTML comments — attackers scan source for leaked secrets
Form security
Use HTTPS endpoints for all form actions → Cookie Analyzer
Iframe sandboxing
Add sandbox attribute to iframes to restrict capabilities