Permitted use
Use the scanner for domains you own, manage, or have permission to review. Do not use it to harass, overload, or repeatedly probe third-party sites.
Security is a lightweight public-signal website security education tool. It is not a replacement for a full security audit or penetration test.
Use the scanner for domains you own, manage, or have permission to review. Do not use it to harass, overload, or repeatedly probe third-party sites.
The scanner reads public DNS, TLS, headers, security.txt, and homepage metadata. It does not exploit, brute-force, authenticate into systems, or test private application areas.
Summaries and priority plans are educational guidance generated from scan findings. Verify changes with your developer, DNS provider, host, or security team before applying them.
Results are best-effort and may be incomplete when providers block requests, change headers, hide records, or rate-limit public checks. Always rerun and manually verify important fixes.