Website Security Test

  • GDPR & PCI DSS Test
  • Website CMS Security Test
  • CSP & HTTP Headers Check
  • WordPress & Drupal Scanning
Free online tool to test website security
152,502,262 websites tested for security

ImmuniWeb Community Edition - Website Security Test

The ImmuniWeb® Community Edition is a collection of free online tools provided by ImmuniWeb SA pursuant to these Terms of Service for small and medium businesses, municipal and local governments, colleges and universities, students and individual software engineers, as well as other entities, to help them make their applications more secure, reduce their cyber risks and improve their cybersecurity posture, data protection and privacy practices.

The Website Security Test is a free online tool to perform web security and privacy tests:

  • Non-intrusive GDPR compliance check related to web application security.
  • Non-intrusive PCI DSS compliance check related to web application security.
  • Analysis of CMS and its components for outdated versions and publicly-known vulnerabilities.
  • Analysis of HTTP methods that may put the web server, web application or website visitors at risk.
  • Detailed analysis (syntax, validity, trustworthiness) of HTTP security headers:
    • Server
    • Strict-Transport-Security (also known as HSTS)
    • X-Frame-Options
    • X-Powered-By
    • X-Content-Type-Options
    • X-XSS-Protection
    • X-AspNet-Version
    • Content-Security-Policy (also known as CSP)
    • Access-Control-Allow-Origin
    • Content-Security-Policy-Report-Only
    • Referrer-Policy
    • Permissions-Policy
  • Analysis of altered, and thus potentially malicious, JS libraries.
  • Analysis of ViewState for misconfigurations and security weaknesses.
  • Analysis of web application cookies for security flags.
  • Detection of the domain’s presence in various blacklists.
  • Detection of Cryptojacking within JS code.
  • Detection of WAF presence.

Acknowledgements

The following security experts helped us improve this free product:

  • Alex H.
  • Anik, Store Republic
  • Doug Nelson
  • Freddie Leeman
  • Gunnar Schwant
  • Ibtihaaj Khurram
  • Joseph Guay, Korem Geospatial
  • Kelley Hugh, Sompo International

IP Ranges

IP ranges of our outbound servers are:

  • 192.175.111.224/27
  • 64.15.129.96/27
  • 70.38.27.240/28
  • 72.55.136.144/28