Built for university IT administrators

Audit your student portal in seconds

Paste a portal URL and get a detailed report on TLS, security headers, session cookie hygiene, exposed endpoints, and known CVE indicators — branded for higher-ed infrastructure.

Non-intrusive. Read-only HTTP requests. No authentication attempts.

Transport & TLS

HTTPS enforcement, HSTS strength, and HTTP→HTTPS redirect verification.

Hardening headers

CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy and more.

Exposure checks

Probes for .env, .git, server-status, phpinfo, and leaky version banners.