rs0n.io: Free Website Security Scanner and Scorecard

rs0n.io grades any public URL on Content Security Policy, security headers, cookies, TLS posture, email authentication (SPF, DMARC, DKIM, MTA-STS), DNS posture, technology stack, leaked secrets, and sensitive-path exposure, with plain-language remediation for every finding. It is free, requires no signup, and stores nothing after you close the tab. JavaScript is required to run a scan.

Learn bug bounty hunting in the free Bug Bounty Launch Pad workshop: six sessions on programs and tools, reconnaissance methodology, manual and automated testing, report writing, and hunting AI and LLM vulnerabilities.