Free Tool Suite

Security checks for your domain

No login. No account. Enter your domain and get results in seconds.

Domain & Email
Live

SPF Record Checker

Verify who is authorized to send email from your domain. Prevents email spoofing.

Check SPF →
Live

DKIM Checker

Check your email cryptographic signing. Proves emails actually came from you.

Check DKIM →
Live

DMARC Checker

Inspect your DMARC policy. Controls what happens when email authentication fails.

Check DMARC →
Live

MX Record Lookup

Inspect your mail exchange records, priorities, PTR validation, and misconfigurations.

Lookup MX →
Live

Email Blacklist Checker

Check if your domain or IP is on spam blacklists that could block your emails.

Check Blacklists →
Live

Domain Expiration Checker

Find out when your domain expires. Expired domains can be hijacked by attackers.

Check Expiration →
Live

SSL/TLS Checker

Verify your website certificate is valid, trusted, and not close to expiry.

Check SSL →
Web & Network
Live

Open Port Scanner

Find exposed services and risky open ports — RDP, MySQL, FTP — with plain-English risk explanations.

Scan Ports →
Live

HTTP Security Headers

Check if your website sets critical security headers that protect visitors.

Check Headers →
Live

DNS Health Check

Audit all DNS record types — A, AAAA, MX, TXT, CNAME, NS, SOA. Flags misconfigurations and email security gaps.

Check DNS →
Live

Subdomain Exposure Scanner

Discover exposed admin, dev, and staging subdomains via brute-force and certificate transparency logs.

Scan Subdomains →
Breach & Exposure
Retainer Service

Dark Web Monitoring

Continuous monitoring of dark web forums, paste sites, and breach databases for your domain credentials. Automated alerting when new exposures are found.

Learn More →
Retainer Service

Exposed Credentials Monitoring

Monitor employee email addresses in credential dumps and breach databases. Get alerted when staff credentials appear in the wild — before attackers use them.

Learn More →
Microsoft 365
Live

M365 Tenant Detection

Confirm if your domain uses Microsoft 365. Checks MX, autodiscover, MS= TXT records, and OpenID config.

Detect M365 →
Live

Legacy Auth Exposure Checker

Detect if your M365 tenant allows legacy authentication — a common ransomware vector that bypasses MFA.

Check Legacy Auth →
Assessment

Conditional Access Assessment

8-question assessment of your MFA enforcement, device compliance, and access control policies.

Start Assessment →
Assessment

Admin Audit Assessment

8 questions on admin account hygiene, audit logging, privileged access, and Microsoft Secure Score.

Start Assessment →
Compliance & Policy
Assessment

HIPAA Readiness Assessment

10 questions covering PHI access controls, encryption, audit logging, BAAs, and breach notification.

Start Assessment →
Assessment

SOC2 Gap Assessment

10 questions checking SOC2 Trust Services Criteria — access controls, monitoring, change management, and more.

Start Assessment →
Assessment

Cyber Insurance Readiness

10 questions based on what underwriters actually ask. Know where you stand before you apply.

Start Assessment →
Endpoint & Coverage
Assessment

Endpoint Security Assessment

Check antivirus coverage, MFA enforcement, encryption, screen lock, and device management. Pass/Warn/Fail.

Start Assessment →
Assessment

Patch Compliance Assessment

8 questions on OS patching, application updates, EOL systems, firmware, and patch management tooling.

Start Assessment →