Analyze Your Website Security

One-page scanner for HTTPS, headers (HSTS, CSP, X-Frame-Options), cookies, libraries, CMS markers, and more. Works with **internet or localhost URLs** (e.g., http://localhost:8080). Export results, read recommendations, and leave feedback — all in one page.

How it works Watch tutorials

Start a Scan

Enter a full URL. For localhost, use a URL (not a folder path), e.g. http://localhost:3000.

🔗
Tip: you can paste a full URL; we’ll auto-fix missing protocols.

About PentraWeb

A compact, on-page scanner to help you ship safer sites. Built with PHP + cURL, requires only a single file.

2025 Concept formed
2025 First release
2025 Major refresh with reports, exports & tutorials
Scope
Non-intrusive checks (headers, markup). Does not brute-force or exploit.
Privacy
No data is sent anywhere else. Results render locally and can be exported on your machine.
Limitations
Some apps set headers only after auth routes. For localhost URLs, the PHP server must reach them.

Instructions

  1. On Home, paste a full URL (e.g., https://example.com or http://localhost:5173).
  2. Click Run Scan. The loader shows each test with a short description.
  3. Scroll to Scan Report for detailed cards and your overall rating.
  4. Toggle the What-if switches to preview your score after fixes.
  5. Open Recommendations for step-by-step guides and export options.
  6. Use Contact Us to reach the team, or submit a Review in the same page.

Video Tutorials

HTTP Security Headers

HSTS in practice

Content Security Policy (CSP) explained

Contact Us

Copied to clipboard