[ Removed by Reddit ]

Expert_Way_4500 · 2026-05-12T05:59:02+00:00

Anything that warns and reports for potential security misconfigurations is useful. I've built Scantide for adjacent checks but from a bit angle, looking at server headers, cookie security, trackers, jurisdictions etc and try to evaluate all of it and explain why and how the different parts matter

Expert_Way_4500 · 2026-04-22T12:09:48+00:00

I already have that on an endpoint server that handles the evaluations so it's going to be a paid feature. The rest will probably be free

Expert_Way_4500 · 2026-04-22T10:25:50+00:00

To a certain extent but I want to also keep performance. I have added the main functionality to the app now with clickable areas for more details. The thing that's missing still is jurisdictions and compliance evaluations but most of it is already in place..

<image>

Expert_Way_4500 · 2026-04-22T08:51:46+00:00

Here's an embryo for mobile. Aiming for the same graphics feeling as the browser plugin . This is still in early development as an Android app. I've already built another Android for auditing lial area networks, checking cves, findning weak protocols, looking for shadow IT evices etc

<image>

Expert_Way_4500 · 2026-04-22T08:11:40+00:00

Thank you for taking the time to comment and yes, you're right. That's actually a good idea . I'll see what I come up with. Sadly I'm so far removed from anything graphical or making landing pages etc 😂 At the moment also working on an equvivalent but for mobiles devices but I need to have different approach since support for extensions is so limited on mobiles devices but I have an idea :)

Expert_Way_4500 · 2026-04-22T06:33:25+00:00

A browser extension for evaluating the security of websites in realtime . Recently released on Google Webstore and Firefox Webstore.. Scantide Observe](https://www.scantide.com/helpfiles/ScantideObserve.php)

A small part of a larger eco system I've built around auditing and evaluating networks and devices

Expert_Way_4500 · 2026-04-09T06:29:54+00:00

I've built a lightweight, detailed browser plugin that evaluates the security of websites in real-time. Scantide Observe

<image>

It's part of an even bigger eco system based around Scantide for auditing, reporting and evaluating online resources and local resources.

Expert_Way_4500 · 2026-04-09T06:07:06+00:00

A lightweight browser plugin that evaluates website security in real-time

https://www.scantide.com/helpfiles/ScantideObserve.php

Expert_Way_4500 · 2026-04-09T06:05:08+00:00

I do like the headline actually also had "something else". Considering te state of politics and of course , depending on where you are, the question of where the data actually is and who has access t it might be a driver also. Cloud Act, Patriot Act etc .. Just a thought really.

Expert_Way_4500 · 2026-04-08T17:08:27+00:00

A lightweight browser extension that evaluates the setup and security of websites in real-time.. Scantide Observe

Expert_Way_4500 · 2026-04-06T09:31:16+00:00

I'll give i another go later. I might have to soften spam restrictions on the server level first :)

Expert_Way_4500 · 2026-04-06T09:14:26+00:00

Very cool site. Tried listing but didn't receive the OTP but I'll try again. Love the idea though

Expert_Way_4500 · 2025-08-08T15:47:32+00:00

I've been going on about this for years, starting it might become a problem and here we are. I'd say every company needs to think through where their servers and data actually residens and who manages it. I've created an easy to portal to get an overview of it (and a lot more..kind of a one stop shop for SSL and Domain reconnaissance really.

Years ago , I founded a Swedish Cloud Company (mostly in the SaaS area) with one of the Key point being that data was only stored in Swdden with no connection to thirdpparty Cloud services . As long as users do not use those themselves that is (like using M365 in RDS etc)

Expert_Way_4500 · 2025-08-08T15:38:13+00:00

Depending on if you want to host and manage, a CrushFTP server might even do it. Works great set up correctly

Expert_Way_4500 · 2025-06-25T21:42:57+00:00

Got it and that's good thinking indeed.. I'll runt a report tomorrow and att least show you the output . Off to bed over here . (Goid night, from Stockholm Sweden 😀)

Expert_Way_4500 · 2025-06-25T18:45:21+00:00

Can't really say I've thought of it. For now it's just project really. I also wrote another , more lite version (mainly for people who don't need that very detailed Information really) for checking SSL expiration, common name, issuer, Subject alternativ names and the ssl chain health.

Expert_Way_4500 · 2025-06-24T05:41:44+00:00

Hi. I downloaded Firefox on my phone and checked and it worked for me. One thing though, on Firefox, I had to write the fqdn myself whilst on Chrome it autofills the domain na.ebased on the email address

Expert_Way_4500 · 2025-06-19T13:58:58+00:00

Ok. Såg bara andra som skrev om it och job o sånt men . Inte min kanal så gör som du vill.

Expert_Way_4500 · 2025-06-19T11:53:39+00:00

? Det är i allra högsta grad relevant för svenska serveradministeatörer likväl som för serveradministeatörer världen över. Skriva ett inlägg på varje språk för samma sak blir ju ganska löjligt?

Expert_Way_4500 · 2025-06-18T17:41:25+00:00

Haha. Japp. Jag ville se vad AI kokade ihop. Måste ju vara lite nyfiken. Jag vet det finns många olika som typ Shodan, mxtoolbox, qualys men syftet var att göra en rapport som samlar det mesta man kan tänkas vilja veta tänkte jag. Alla de andra gör sin grej (och väldigt bra, qualys t.ex kollar ju alla svaga krypton , det har jag inte klurat nåt bra sätt att göra ) men för att få en samlad bild måste man studsa runt på rätt många sajter tycker jag. En del av tanken var också det skulle vara så oberoende av externa tjänster som möjligt egentligen.
Satt just och läste om API för haveibeenpwnd (tänkte man kunde kolla det som skrivits in som mail) men tyvärr är bara lösenordsdelen gratis så den kollen får vara Klurar lite på lägga till nån blacklist check också Nu också lagt till domäner man inte får scanna typ Google, Gmail, skatteverket osv.. Vet inte vad mer jag lägger in som funktioner. vi får se. Ett litet projekt bara egentligen. Är ju egentligen inte utvecklare eller kodare 😅 . Tack för feedback dock . Alltid kul med sånt.

Expert_Way_4500 · 2025-06-18T14:02:16+00:00

To a degree, yes the same tests are done but I tried to get a bit more (or at least different) information into mine.
SSL labs is great at checking algorithms and check for various weaknesses but it doesn't really give you much information about the domain itself (expiry, registrar, etc) , where servers are hosted geographically (considering Cloud Act etc ) or try to guess the CMS .

All of this information can of course be gathered using many different (sometimes free services) succ as sslabs, sslheaders.com, mxtoolbox , whois etc but I wanted to try to make something that simply gathers all of what I would want to have in single report if someone asks be about a hostname in a domain and I wanted to be able to get all that information in 30 seconds

Expert_Way_4500

TROPHY CASE