Assessment workflow
Pentest-style workflow, built for automated public scans
AIClicks does not exploit targets. It performs safe public-surface recon, validates signals, and turns findings into executive and technical remediation evidence.
Scoping & Information Gathering
Normalize final origin, redirect path, public crawl boundary, and safe non-invasive test profile.
Reconnaissance & Intelligence
DNS, TLS, certificates, exposed services, robots, security.txt, email auth, IP reputation, and stack signals.
Vulnerability Assessment
Headers, cookies, CSP, CORS, SRI, mixed content, TLS downgrade, DNSSEC, DMARC, DKIM, MTA-STS, and port exposure.
Analysis & Validation
Findings are correlated across HTTP, DNS, TLS, crawler, content, and server-side recon evidence to reduce false positives.
Comprehensive Reporting
Executive score, technical checks, evidence cards, signal graph, limitations, and priority remediation actions.
Remediation Support
Fix guidance for web server headers, CDN policy, DNS/email records, exposed services, disclosure files, and retest targets.
Re-testing & Validation
Run the same deep profile again after fixes to compare scores, evidence, and remaining attack surface.
What gets checked
80+ live signals, six security categories
TLS & Certificate
- Protocol grade (TLSv1.3 → TLSv1.0)
- Cipher suite: AEAD vs legacy
- Key bit strength (256–4096)
- Certificate chain depth
- Self-signed detection
- Days until expiry
- Signature algorithm (RSA/EC/PQC)
- HSTS preload eligibility
Security Headers
- Content-Security-Policy presence and eval/inline flags
- Strict-Transport-Security max-age and includeSubDomains
- X-Frame-Options (DENY / SAMEORIGIN)
- X-Content-Type-Options: nosniff
- Referrer-Policy value
- Permissions-Policy
- Cross-Origin-Opener-Policy
- Cross-Origin-Resource-Policy
Email Authentication
- SPF record presence and policy
- DKIM: scans 18 common selectors
- DKIM key type (RSA/Ed25519) and bit estimate
- DMARC policy (reject / quarantine / none)
- DMARC pct coverage
- MTA-STS mode (enforce / testing)
DNS Hardening
- CAA record count and issuers
- DNSSEC: RRSIG and DNSKEY detection
- Authenticated Data (AD) flag
- NS redundancy count
- IPv6 AAAA record presence
- Domain age proxy from SOA serial
Misconfigurations
- Server header version disclosure
- X-Powered-By header exposure
- phpinfo() output in page HTML
- Verbose stack trace in page HTML
- Clickjacking protection check
- Cache-Control directive presence
- Mixed content (HTTP refs on HTTPS pages)
Cookie Security
- Per-cookie Secure flag
- HttpOnly flag on each cookie
- SameSite attribute (Strict / Lax / None)
- Total cookie count
- Session vs persistent cookie ratio
OWASP Testing Coverage
- OWASP Top 10 mapping
- Basic SQL injection surface analysis
- XPath/XML injection surface analysis
- Cross-site scripting posture via CSP, headers, forms, and scripts
- SSRF parameter surface detection
- Business logic workflow surface assessment
- REST/GraphQL API exposure review
- JWT/token indicator analysis
- CVE follow-up from technology fingerprints
- File inclusion and path traversal parameter checks
- CORS and CSP misconfiguration analysis
Live scanner
Paste any domain to run the cyber-only scanner. Deep mode runs the full enterprise assessment and builds the security report.
Paste a URL above and hit Scan →
Cyber Security Scan · Deep scan crawls up to 16 pages