WebsiteScanner Security Audits
AI-Powered Security Audits

Know Your Website's Vulnerabilities Before Hackers Do

WebsiteScanner runs deep security scans on your website and delivers plain-English AI reports that tell you exactly what to fix and why it matters.

Start Free Audit Sign in

Free Instant Security Check

No account needed · 6 passive checks · Results in ~10 seconds

SSL/TLS Security Headers Port Scanning CMS Vulnerabilities Email Security Threat Intelligence AI Reports PDF Export
Features

Everything your website needs to stay secure

We run the same checks a professional penetration tester would — automatically, on demand.

Scanning Tools

SSL/TLS Certificate

Validates certificate chain, expiry, protocol strength & cipher suites.

Security Headers

Checks CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy & more.

Port Scan

Scans top 20 ports for exposed databases, admin panels & legacy services.

CORS Configuration

Tests cross-origin resource sharing policy for misconfigurations that could expose your data.

Login Page Audit

Checks CSRF protection, username enumeration, rate limiting & form security.

CMS Vulnerability Scan

WPScan for WordPress/WooCommerce, Droopescan for Drupal, Nikto for all platforms.

Directory Discovery

Gobuster finds hidden paths, backup files & admin panels using common wordlists.

Email Security (SPF/DMARC/DKIM)

Verifies email authentication DNS records to prevent spoofing & phishing.

Threat Intelligence

Cloudflare URL Scanner

Scans pages for malware, phishing, tech stack & certificate analysis via Cloudflare Radar.

Google Safe Browsing

Checks Google's real-time threat database for malware & social engineering warnings.

HIBP Breach Database

Checks if your domain appears in known data breaches. Professional+ plans.

AI Reports & Analysis

AI Plain-English Report

Executive summary for business owners, written by Claude AI, explaining risks in plain language with Australian Privacy Act context.

AI Technical Report

Detailed remediation report for developers with specific commands, config changes & CVE references.

Attack Chain Analysis

AI identifies realistic multi-step attack scenarios combining your findings into worst-case impact assessments.

Email Health

Is your email configuration protecting you from spoofing?

Our comprehensive email health check analyses your DNS records and tests your mail server's live SMTP configuration.

6 DNS Record Checks

SPF
DKIM
DMARC
MX Records
Blacklist
BIMI

7 Live SMTP Server Tests

SMTP Ports
Server Banner
STARTTLS
TLS Certificate
Open Relay
MTA-STS
DANE/TLSA

What you get

Score out of 100 with letter grade

Instant A-F rating for your email security posture.

Check history & trend tracking

Track improvements over time as you fix issues.

AI-powered fix instructions

Step-by-step guidance written in plain English. Pro+ plans.

PDF report download

Share results with your team or IT provider. Pro+ plans.

SMTP server live testing

Real connection tests via our dedicated Kali security server.

Check Your Email Health
Track Your Progress

Watch your security score improve over time

Don't just find problems — prove you fixed them. Track, compare, and demonstrate your security improvements.

Scan History

Up to 12 months of scan history. Compare scores between scans to track improvement.

Score Trends

Visual score tracking shows your security posture improving as you fix findings.

Before & After

Re-scan after fixes to prove remediation. Show stakeholders measurable progress.

How it works

Up and running in minutes

No agents to install, no complex setup. Just results.

1

Add your domain

Enter the domain you want to audit. We verify ownership with a simple DNS record.

2

Run a security scan

Choose your plan and kick off the scan. Our automated tools check everything in the background — no waiting around.

3

Get your AI report

Receive a prioritised list of findings plus two AI-written reports — one for your team, one for your boss or client.

Pricing

Simple, transparent pricing

Every plan includes AI-generated reports. No hidden fees.

Starter

Essential checks for small sites

$59/mo

Scanning

  • SSL/TLS Certificate
  • Security Headers
  • Port Scan (top 20)
  • CORS Configuration
  • Login Page Audit
  • CMS Scan (WPScan)

Threat Intel

  • Cloudflare URL Scanner
  • Google Safe Browsing

Reports

  • AI Plain-English Report
  • PDF Export

Up to 3 domains · 30-day history

Get Started
Most Popular

Professional

Deep scans for growing businesses

$129/mo

Scanning

  • All Starter scans
  • Nikto Web Scanner
  • Directory Discovery (Gobuster)
  • Email Security (SPF/DMARC/DKIM)

Threat Intel

  • All Starter intel
  • HIBP Breach Database

Reports

  • AI Plain-English + Technical Report
  • PDF Export

Email Health · Up to 5 domains · 12-month history

Get Started

Enterprise

Full coverage for agencies & teams

$299/mo

Scanning

  • All Professional scans
  • Priority Queue Processing

Threat Intel

  • All Professional intel

Reports

  • All Professional reports
  • Attack Chain Analysis

Unlimited domains · Scheduled scans · Unlimited history

Get Started

All prices in AUD. Annual plans available at a discount. View full pricing

Ready to find out what attackers already know about your site?

Join other website owners protecting their sites with WebsiteScanner.

Start Your Free Audit

We use cookies

We use essential cookies to keep your session secure. Optional cookies help us improve your experience. Privacy Policy · Cookie Policy

Cookie Preferences

Choose which cookies you accept.

Strictly Necessary Required

Session authentication, CSRF protection, and Livewire functionality. The site cannot function without these.

laravel_session, XSRF-TOKEN

Analytics

Helps us understand how the service is used so we can improve it. No personal data is shared with third parties.

_ga, _ga_R581LZLTQX (Google Analytics 4)

Marketing

Used to deliver relevant promotional content. We do not sell your data to third parties.

No marketing cookies currently set.

View Cookie Policy