I built a website security scanner (because I kept shipping insecure projects)

Benjamin Frank — Thu, 18 Dec 2025 15:06:05 +0000

I’m a solo developer, and over the last year I kept running into the same problem:

I’d ship projects thinking “I’ll secure this properly later”
and then… later never came.

If I’m being honest, my cybersecurity knowledge isn’t great. I know enough to be dangerous, but not enough to feel confident. I’d regularly forget things like:

missing or misconfigured security headers
weak TLS / SSL setups
basic server or app misconfigurations that should be caught early

Most of these issues aren’t advanced attacks — they’re just things you miss when you’re focused on shipping features.

So instead of pretending I’d magically get better at security overnight, I decided to build a tool that helps catch these problems for me.

Why I built SecureNow
SecureNow is a website security scanner that checks for common vulnerabilities and gives you a clear report with fix recommendations.

The goal is not to replace professional pentesting.
It’s meant to be:

a fast baseline security check
something you can run before or after deploying
useful for developers and small teams who don’t have a security expert on hand

Basically: “Did I forget something obvious?”

What it checks
Some of the features I thought were pretty cool (and honestly useful for my own projects):

Security header checks (CSP, HSTS, etc.)
TLS / SSL configuration analysis
Open port scanning (surprisingly, a lot of sites still expose things they shouldn’t)
Rate limit detection
API route checking

Clear explanations + suggestions on how to fix issues

Nothing intrusive, no exploit-style scanning — just automated checks that surface common problems.

Who this is for (and who it isn’t)

SecureNow is designed for:

solo developers
indie hackers
small teams

people shipping fast and trying not to break things (or expose them)

It’s not:

a full pentesting replacement
an enterprise security suite
something that magically makes your app “secure forever”

Launch & feedback

I launched SecureNow today, and I’m genuinely looking for feedback — not hype.
Things I’d really like to know:

Is this actually useful?
What checks would you expect from a tool like this?
What would make you not trust it?
Is the pricing off / too expensive for what it does?

If you want to take a look:
https://www.securenow.dev

I’m happy to answer questions, explain how things work, or hear why this is a terrible idea!

DEV Community: Benjamin Frank

I built a website security scanner (because I kept shipping insecure projects)