Website Security Test

  • GDPR & PCI DSS Test
  • Website CMS Security Test
  • CSP & HTTP Headers Check
  • WordPress & Drupal Scanning
Free online tool to test website security
151,324,927websites tested for security

ImmuniWeb Community Edition - Website Security Test

The ImmuniWeb® Community Edition is collection of free online tools provided by ImmuniWeb SA pursuant to these Terms of Service for the small and medium businesses, municipal government, colleges and universities, software engineers, and other entities and individuals to help them making their applications more secure and reduce their cyber risks.

The Website Security Test is a free online tool to perform web security and privacy tests:

  • Non-intrusive GDPR compliance check related to web application security.
  • Non-intrusive PCI DSS compliance check related to web application security.
  • Analysis of CMS and its components for outdated versions and publicly-known vulnerabilities.
  • Analysis of HTTP methods that may put web server, web application or website visitors at risk.
  • Detailed analysis (syntax, validity, trustworthiness) of HTTP security headers:
    • Server
    • Strict-Transport-Security (also known as HSTS)
    • X-Frame-Options
    • X-Powered-By
    • X-Content-Type-Options
    • X-XSS-Protection
    • X-AspNet-Version
    • Content-Security-Policy (also known as CSP)
    • Access-Control-Allow-Origin
    • Content-Security-Policy-Report-Only
    • Referrer-Policy
    • Permissions-Policy
  • Analysis of altered, and thus potentially malicious, JS libraries.
  • Analysis of ViewState for misconfigurations and security weaknesses.
  • Analysis of web application cookies for security flags.
  • Detection of domain’s presence in various Blacklists.
  • Detection of Cryptojacking within JS code.
  • Detection of WAF presence.

References & How-To's


The following security experts helped us improve this free product:

  • Alex H.
  • Anik, Store Republic
  • Doug Nelson
  • Freddie Leeman
  • Gunnar Schwant
  • Ibtihaaj Khurram
  • Joseph Guay, Korem Geospatial
  • Kelley Hugh, Sompo International

IP Ranges

IP ranges of our outbound servers are: