我开发了一个网站安全扫描器。
我是一个独立开发者,在过去的一年里,我一直遇到同样的问题:我在发布项目时总是想着“我稍后会好好处理安全问题”,但老实说,我的网络安全知识很薄弱。
我常常忘记一些事情,比如:
- 缺少安全头部
- 弱的TLS/SSL配置
- 扫描器应该早期捕捉到的基本配置错误
因此,我开发了SecureNow,这是一个安全扫描工具,可以检查网站的常见漏洞,并提供清晰的报告和修复建议。
它并不是为了取代渗透测试——而是作为一个快速的“基础安全检查”,你可以在部署前或后运行。
这个工具是为开发者和小团队设计的。
我觉得一些功能非常酷:
- 开放端口扫描(并不是很多网站都有这些)
- 速率限制检测
- API路由检查
我今天发布了这个工具,真的很希望能得到反馈:
- 这个工具有用吗?
- 你希望从这样的工具中获得哪些检查?
- 有什么会让你不信任它?
- 价格是否过高?
链接:https://www.securenow.dev
欢迎随时提出任何技术问题。
查看原文
I’m a solo developer and over the last year I kept running into the same problem:
I’d ship projects thinking “I’ll secure this properly later” but my cybersecurity knowledge is bad honestly.<p>I’d forget things like:
- missing security headers
- weak TLS / SSL configs
- basic misconfigurations that scanners should catch early<p>So I built SecureNow a security scanner that checks websites for common vulnerabilities and gives a clear report with fix recommendations.<p>It’s not trying to replace pentesting — it’s meant as a fast “baseline security check” you can run before or after deploying.<p>It's designed for developers / small teams<p>Some features I thought were pretty cool:
- Open Port Scanning (Not many websites have these)
- Rate Limit Detector
- API Route Checker<p>I launched it today and would genuinely love feedback:
- Is this useful?
- What checks would you expect from a tool like this?
- What would make you not trust it?
- Is it too overpriced?<p>Link: https://www.securenow.dev<p>Happy to answer any technical questions.