RESPONSIBLE SECURITY

Safe by design. Authorized use only.

SiteThreat is intended for site owners, administrators, developers, and professionals with explicit permission to assess a domain.

Public-domain validation

The scanner rejects private, loopback, reserved, and non-resolving targets to reduce server-side request forgery risk.

Controlled scan surface

Checks are limited to a predefined list of common accidental-exposure paths. It does not brute-force passwords, exploit software, or alter remote systems.

Minimal response sampling

Only a bounded response sample is inspected to classify risk. Reports should avoid retaining secrets or full sensitive files.

Authorization required

Users must own the target or have explicit authorization. Unauthorized security testing may violate contracts, provider rules, or applicable law.

Rate limiting

Production deployment should enforce per-IP, per-domain, and per-account limits to prevent abuse and excessive traffic.

Responsible disclosure

If you discover a vulnerability belonging to another organization, notify the owner privately and avoid publishing sensitive details.

AUTHORIZED TO TEST?

Run a controlled scan.

Use the results to remediate—not to exploit.

Open Scanner