Web-Check
Enter a URL and get a dashboard of everything publicly discoverable about its security
posture, server architecture, and technology stack: Web-Check is an all-in-one OSINT tool for
analyzing any website. One scan surfaces IP info and server location, the full SSL certificate
chain with issuing authority and validity, DNS records (A, MX, NS, CNAME, TXT) with DNSSEC
status, HTTP response headers interpreted for security directives like HSTS, CSP, and
X-Frame-Options, cookies and their flags, WHOIS domain info, robots.txt crawl rules, a
sitemap-derived page map, the redirect ledger, open ports, traceroute, detected technologies,
third-party trackers, associated hostnames, site performance, and even carbon footprint. Each
card explains what the data means and why it matters, which makes the tool double as a
security education resource - junior engineers learn headers and attack surfaces by scanning
real sites. Practical uses span pre-deployment security audits (catch missing headers and
misconfigurations before they ship), privacy compliance checks (identify trackers and cookie
behavior for GDPR work), competitive tech-stack research, and network debugging via DNS and
redirect inspection. Built by Lissy93 in TypeScript, it deploys as a single Docker container,
and self-hosting keeps your reconnaissance targets and audit activity off third-party
services.
Deploy