ImmuniWeb Community Edition - Website Security Test
The Website Security Test is a free online tool to perform web security and privacy tests:
- Non-intrusive GDPR compliance check related to web application security.
- Non-intrusive PCI DSS compliance check related to web application security.
- Analysis of CMS and its components for outdated versions and publicly-known vulnerabilities.
- Analysis of HTTP methods that may put web server, web application or website visitors at risk.
- Detailed analysis (syntax, validity, trustworthiness) of HTTP security headers:
- Strict-Transport-Security (also known as HSTS)
- Content-Security-Policy (also known as CSP)
- Analysis of altered, and thus potentially malicious, JS libraries.
- Analysis of ViewState for misconfigurations and security weaknesses.
- Analysis of web application cookies for security flags.
- Detection of domain’s presence in various Blacklists.
- Detection of Cryptojacking within JS code.
- Detection of WAF presence.
References & How-To's
The following security experts helped us improve this free product:
- Alex H.
- Anik, Store Republic
- Doug Nelson
- Freddie Leeman
- Gunnar Schwant
- Ibtihaaj Khurram
- Joseph Guay, Korem Geospatial
- Kelley Hugh, Sompo International
IP ranges of our outbound servers are: