我搭建了一个网站安全扫描器
2 分•作者: pelmenibenni•1 天前
我是一名独立开发者,在过去一年里,我反复遇到同样的问题:
我发布项目时总想着“稍后我会妥善处理安全问题”,但说实话,我的网络安全知识很差劲。
我经常会忘记一些事情,比如:
* 缺少安全标头
* 薄弱的 TLS / SSL 配置
* 扫描器应该及早发现的基本配置错误
所以我开发了 SecureNow,一个安全扫描器,用于检查网站是否存在常见漏洞,并提供清晰的报告和修复建议。
它并非要取代渗透测试——它旨在作为一个快速的“基线安全检查”,您可以在部署之前或之后运行。
它专为开发者 / 小型团队设计。
我认为一些功能非常酷:
* 开放端口扫描(很少有网站具备这些功能)
* 速率限制检测器
* API 路由检查器
我今天发布了它,真心希望得到反馈:
* 这有用吗?
* 您希望此类工具有哪些检查功能?
* 什么会让您不信任它?
* 价格是否过高?
链接:https://www.securenow.dev
很乐意回答任何技术问题。
查看原文
I’m a solo developer and over the last year I kept running into the same problem:
I’d ship projects thinking “I’ll secure this properly later” but my cybersecurity knowledge is bad honestly.<p>I’d forget things like:
- missing security headers
- weak TLS / SSL configs
- basic misconfigurations that scanners should catch early<p>So I built SecureNow a security scanner that checks websites for common vulnerabilities and gives a clear report with fix recommendations.<p>It’s not trying to replace pentesting — it’s meant as a fast “baseline security check” you can run before or after deploying.<p>It's designed for developers / small teams<p>Some features I thought were pretty cool:
- Open Port Scanning (Not many websites have these)
- Rate Limit Detector
- API Route Checker<p>I launched it today and would genuinely love feedback:
- Is this useful?
- What checks would you expect from a tool like this?
- What would make you not trust it?
- Is it too overpriced?<p>Link: https://www.securenow.dev<p>Happy to answer any technical questions.