Public configuration

Security checks

Passive analyzers for public TLS, DNS, and HTTP header configuration. SAVR validates domains, blocks private network targets, and performs no intrusive scanning.

TLS certificate validation

Inspect public TLS certificate metadata, expiry, SANs, and cipher details.

Public data only

DNS lookup

Query public A, AAAA, MX, TXT, CNAME, NS, SOA, and CAA records.

Public data only

HTTP security headers

Inspect public HTTP response headers and configuration posture.

Public data only

Safety model

Only publicly accessible configuration data is inspected.

Private IP ranges, localhost, and internal hostnames are blocked.

Rate limiting protects the backend from abuse.