Free tools

Single-purpose security tools

Each tool below focuses on one slice of your public posture. They're all powered by the same scan engine that backs the full 0–100 hardening score — so once you're done with one, the broader scan is a click away.

• Security headers checker

  Test HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy coverage in one pass.

• TLS checker

  TLS protocol versions, cipher suites, certificate validity, and HTTP-to-HTTPS redirect coverage.

• Cookie inspector

  Parse Set-Cookie headers and validate Secure, HttpOnly, and SameSite attributes on session cookies.

• DMARC checker

  Lookup your DMARC TXT record, parse the policy and reporting tags, and see where you sit on the rollout journey.

• SPF checker

  Resolve your SPF TXT record, walk includes, count DNS lookups, and flag patterns that quietly break alignment.

• DKIM checker

  Probe common DKIM selectors, validate public-key format, and confirm DMARC alignment is supported.

• Authentication-Results parser

  Paste any email's Authentication-Results header and see DKIM signers, SPF, DMARC verdicts, and alignment with the From: domain — the definitive DKIM check when your sender uses non-enumerable selectors.