TRANSPARENT BY DESIGN
How SiteThreat works
SiteThreat performs focused, non-destructive checks against publicly reachable website endpoints, evaluates the evidence returned by the target server, calculates a Site Threat Score, and provides practical remediation guidance for findings that may require attention.
01
Enter an authorized domain
Provide a domain that you own, administer, or have explicit permission to assess. SiteThreat normalizes the domain, verifies that it resolves publicly, and rejects targets that do not meet the scanner’s validation requirements. The authorization confirmation is important because even limited external scanning should be performed only with the system owner’s knowledge and permission.
02
Select host coverage
Choose whether to test the root domain, the www hostname, the mail hostname, or all three. These hostnames may point to different servers, applications, document roots, reverse proxies, or hosting configurations. A file blocked on one hostname may still be exposed on another, so broader host coverage can reveal inconsistent protections.
03
Choose the checks
Run exposure-file checks, security-header checks, or both. Exposure checks request a controlled list of commonly mishandled paths such as environment files, backups, logs, dependency manifests, repository metadata, database exports, and server-information pages. Header checks review browser-facing protections without attempting to exploit the site.
04
Collect limited evidence
For each request, SiteThreat reviews the HTTP status, final destination, response headers, content type, request time, and a limited response sample. The scanner does not crawl the entire website, brute-force directories, submit credentials, bypass authentication, alter content, upload files, or execute discovered code. Its purpose is targeted external exposure detection, not intrusive penetration testing.
05
Classify each result
Results are classified as safe, warning, medium, high, critical, or unknown based on the response evidence. A blocked path is treated differently from a path that returns a downloadable archive, credential pattern, application log, or production environment file. Ambiguous responses remain warnings or unknown results rather than being presented as confirmed vulnerabilities.
06
Remediate and retest
Open “How to fix” for a plain-language explanation, priority, recommended action, and configuration guidance when available. After correcting the server or application configuration, run the scan again. A sensitive resource that is properly protected should normally return a blocked or unavailable response such as 401, 403, 404, or 410.