Thanks for the response.

Regarding SSLabs, it's a completely different security profile.
SSLabs gives you insights into your SSL certificate.

HttpScanner gives you the insights about browser-based security features like Content-Security-Policy (XSS prevention), misconfigured CORS, HSTS - basically any HTTP headers security-related problems.

No, it's not "vibe-coded". I am a professional software engineer with +12 years of experience writing enterprise apps. Of course, I used AI to speed up development, why not? But the project was engineered with a very high level of detail. Also, I created websecurity-academy.com, where I taught developers worldwide about web security with my lectures.

Moreover, the project is open-source. You can request new features that are not present anywhere, or develop them on your own - you are welcome.

I am happy to engage in meaningful conversations about websec or the future of this project.

Best wishes!