Hard2bit · Cybersecurity
While classic scanners check 5 things, we check 50+. From HTTP headers to leaked secrets on Lovable-built sites, BIMI, MTA-STS, vulnerable JavaScript libraries, forgotten subdomains, expiring certificates, credentials in public breaches, and much more.
No agents, no internal access. Just your domain. 100% passive analysis.
100% passive analysis, no agents to install, no internal access. All you need is your domain. Under 60 seconds for most domains.
Type your domain (example.com), accept the terms and launch the scan. No registration needed for the first scan. No sensitive data is requested.
The scanner queries DNS, HTTP headers, certificates, threat intel, public sources and Certificate Transparency. Zero impact on your server — equivalent to a regular browser visit.
You receive an A+ to F grade, findings categorised by severity (critical, high, medium, low), and actionable recommendations with reproducible technical evidence.
Export a professional PDF (paid plan), share it with your team or client, integrate it into your audit workflow. History available to track evolution over time.
Each control evaluates a specific aspect of your domain's public posture. Grouped into 6 technical categories plus 1 AI Agent Readiness category (already covered above). What it measures, what evidence it collects and why it matters. This is the public methodology a consultant can show to a client or an auditor can show to their team.
Analysis of the foundation your traffic travels on: TLS/SSL configuration, DNS health and exposed ports. Any weakness here compromises everything built on top — encryption, authenticity, availability.
Analyzes your certificate configuration and the available encrypted protocols to ensure secure communications and detect known cryptographic weaknesses.
Evaluates the domain DNS configuration: server redundancy, DNSSEC, presence of sensitive records, and consistency across providers.
Identifies common ports accessible from the Internet that could expose administrative services or management panels without additional protection.
HTTP security headers, cookie configuration, mixed content, technology detection (CMS, frameworks) and matching against known CVEs. The layer where the user's browser talks to your application.
Checks that your site sends the recommended security headers, which protect it against code injection, UI hijacking, and traffic manipulation.
Identifies the technologies and versions running on your site (CMS, frameworks, libraries, servers) to detect outdated components with known vulnerabilities.
Cross-references detected technologies against public vulnerability databases to identify versions affected by documented security flaws.
Reviews the security attributes of your site cookies to detect configurations that could facilitate user session theft.
Detects secure pages loading resources over unencrypted channels, a condition that breaks transport protection and exposes user data.
Email security (SPF, DMARC, MTA-STS, BIMI), Certificate Transparency, and public WHOIS information for the domain. They validate that the entity claiming to be your domain actually is.
Evaluates the public mechanisms that authenticate email sent from your domain, reducing the risk of spoofing and phishing in your name.
Checks expiration date, age, registrar, and administrative status of the domain to anticipate expiry losses or unauthorized transfer risks.
Reviews certificates issued for your domain in public Certificate Transparency logs, useful for detecting unauthorized issuance or forgotten subdomains.
Searches for public credentials, misconfigured cloud storage, forgotten subdomains, possible takeovers, Common Crawl exposure, and AI-bot policies. What an attacker would find via OSINT before you do.
Evaluates your posture against automated AI access: generative-model scrapers, data exposure to training without consent, and common AI-application endpoints left unprotected.
Detects cloud storage and admin panels accessible from the Internet that could leak files, backups, or credentials.
Searches for mentions of your domain or associated credentials in public repositories and paste services, detecting information leaks before attackers do.
Detects subdomains pointing to abandoned external services that an attacker could claim to impersonate your brand.
Checks whether your domain content appears in public archives that feed generative AI models, and whether sensitive pages are indexed that shouldn't be.
Checks whether your site is configured to block generative-AI model scrapers (GPTBot, ClaudeBot, Google-Extended, etc.) via robots.txt, ai.txt, and meta tags.
Enumerates subdomains visible in public Certificate Transparency logs (crt.sh) and classifies them by name pattern — surfaces non-production environments (dev/staging/admin) exposed to the Internet.
Identifies the third-party vendors you use (CRM, marketing, analytics, CDN) and checks whether any has been involved in a documented public breach — NIS2 supply-chain risk traceability.
Cross-checks against public threat-intel lists: whether your domain or IPs show up in blocklists for phishing, spam or known C2. An external signal of the trust the ecosystem grants you.
Checks whether your domain, IPs, or mail servers appear in public threat lists (spam, malware, phishing, botnet infrastructure).
Presence and validity of security.txt, robots.txt and compliance signals (NIS2, DORA, ENS, ISO 27001) that an auditor checks before even requesting your internal documentation.
Checks that your site publishes a standard channel for security researchers to responsibly report vulnerabilities.
Identifies public signals of best-practice adoption (cookies, privacy policy, GDPR, accessibility) without replacing formal legal audit.
Analyzes the robots.txt file to identify internal paths inadvertently revealed and inconsistent indexing policies.
The 11 emerging standards (llms.txt, MCP, Content-Signal, Web Bot Auth, etc.) are detailed in the AI Agent Readiness section above. Each is evaluated for both presence and secure configuration.
↑ Jump to AI Agent ReadinessStandards and references we follow: OWASP Secure Headers Project · Mozilla Server-Side TLS · IANA Root DNSSEC · M3AAWG Sender Best Practices · RFC 6962 Certificate Transparency · llmstxt.org · MCP spec · EU NIS2 Directive.
In 2026, your website no longer competes only on Google. It also competes to be discovered, understood and correctly cited by AI agents: ChatGPT with browsing, Perplexity, Claude search, autonomous agents. These agents read emerging standards (llms.txt, MCP Server Card, Content-Signal, Web Bot Auth and 7 others) to decide whether your site is agent-ready — and if it isn't, you fall out of the new discovery funnel. Hard2bit Scanner is one of the few scanners that evaluates the 11 emerging standards alongside the 14 classic security controls.
But AI Agent Readiness without security is a new kind of risk. A misconfigured llms.txt leaks private routes. An MCP server without authentication is a trivial abuse vector. A robots.txt that is inconsistent across subdomains allows some bots what it forbids to others. That is why we always evaluate both dimensions: that the standard is present AND that it is securely configured.
Hard2bit Scanner serves 4 distinct profiles with 4 distinct workflows. Same engine, conclusions applicable to each professional context.
Continuously audit the public posture of your own domain plus forgotten subdomains (shadow IT). Pre-validate changes before release. When NIS2/ENS lands and you need quick evidence for the technical dimension of Article 21, the scanner produces timestamped, reproducible reports that auditors accept.
Start for free →Pre-audit the external posture of a new client in 60 seconds before the first meeting. A professional PDF ready to deliver as a pre-engagement deliverable or as a commercial hook. Standard workflow: scan → report → conversation → proposal for larger services.
See Pro plans →Continuous inventory of the external posture of your client portfolio. Early detection of changes (new subdomains, expiring certificates, MX changes). History for quarterly reporting. White-label on the 2026 roadmap.
Get in touch →External-posture validation on every release. Catch regressions in HTTP headers, certificate expiration, robots.txt configuration for AI bots. Public API on the roadmap for CI/CD integration.
Start for free →No card to get started. Cancel anytime.
Free
1 scan / 24h per IP
Try it with your domain above ↑
€0/mo
3 scans / month
€19/mo
20 scans / month
€29/mo
60 scans / month
If the Free and Starter plans give you the grade and findings in the browser, the paid plans generate a professional PDF ready for audit, client or board. Designed so a consultant can sign it and a CISO can present it.
Honest positioning vs the ecosystem. Each tool has its role. Ours: passive analysis, European freemium, the only one covering the 11 AI Agent Readiness standards.
| Dimension | Hard2bit Scanner | Mozilla Observatory | SSL Labs (Qualys) | ImmuniWeb Community | Hardenize | SecurityHeaders.com |
|---|---|---|---|---|---|---|
| Model | Freemium SaaS | Free (Mozilla Foundation) | Free (Qualys) | Freemium (Switzerland) | Free | Free (archived 2026) |
| Hosting | Hetzner EU | US | US | Switzerland (EU-adjacent) | UK | UK |
| HTTP header coverage | Yes (8) | Yes (10) | No | Yes | Yes | Yes (exclusive focus) |
| TLS / SSL | Yes | No | Yes (reference) | Yes | Yes | No |
| Email security (SPF/DMARC/MTA-STS) | Yes | No | No | Partial | Yes | No |
| Supply-chain risk (vendor breach) | Yes | No | No | Partial | No | No |
| AI Agent Readiness (11 standards) | Yes (unique) | No | No | No | No | No |
| Certificate Transparency | Yes | No | No | No | Yes | No |
| Professional PDF | Starter plan+ | No | No | Premium | No | No |
| Public API | On 2026 roadmap | No | Yes | Yes | No | API closed (Apr 2026) |
| Provider accreditations | ENS High · ISO 27001 · 13+ years | Mozilla Foundation | Qualys (NASDAQ:QLYS) | ISO 27001 | n/a | n/a |
Mozilla Observatory and SSL Labs are the free references in this niche — technical tools that almost any team tries before looking further. Hardenize and ImmuniWeb Community are close competitors with EU focus (ImmuniWeb from Switzerland, with their own ISO 27001). SecurityHeaders.com was for years the freemium HTTP-headers tool — its API closed in April 2026 and Hard2bit Scanner is a direct alternative. Our differentiator is full coverage (TLS + email + Certificate Transparency + supply-chain) together with the 11 emerging AI Agent Readiness standards — covered by none of the above — and verifiable EU authority (ENS High, ISO 27001, 13+ years).
Hard2bit Scanner is a product of Hard2bit S.L., a Spanish cybersecurity company headquartered in Madrid, founded in 2013 and operating across the EU ever since. We combine technical services (pentesting, red team, 24/7 SOC), compliance (NIS2, DORA, ENS, ISO 27001) and R&D at the AI-security crossroads.
Our commitment to rigor is documented: ENS High, ISO 27001, ISO 9001, ISO 14001, ISO 22301, ISO 20000-1, plus recognition as an Innovative SME by the Spanish Ministry of Science and Innovation. We are active members of ISMS Forum, ASLAN, CyberMadrid and the UN Global Compact.
The scanner is our way of bringing within reach of any organisation the public-posture analysis that used to be visible only to professional audit clients. If you need more than an automated analysis, we can help.
CEO and co-founder, Hard2bit S.L.
CEO and co-founder of Hard2bit S.L. Over 25 years of experience in cybersecurity, digital forensics and IT infrastructure. Co-drives Hard2bit's R&D agenda contributing across the business, security and development perspectives, supported by Hard2bit's technical team.
LinkedIn →COO and co-founder, Hard2bit S.L.
COO and co-founder of Hard2bit S.L. Background in offensive security, cloud architecture and SOC operations. Co-drives Hard2bit's R&D agenda contributing across the technical, operational and development perspectives, supported by Hard2bit's development, research and analysis team.
LinkedIn →Hard2bit S.L. · CIF B86717147 · Madrid, Spain
The scanner covers the passive, automated analysis of external posture. But some scenarios require more: expert human review, validation of real-world impact, integration into your compliance workflow, or continuous monitoring. That is where the Hard2bit S.L. team — the parent company of the scanner — comes in.
As a Spanish cybersecurity company with 13 years of EU operations, an in-house technical team and accreditations including ENS High and ISO 27001, we offer the services that complement the scanner:
Expert human review plus a remediation plan with estimated effort per finding. The Hard2bit team delivers both an executive and a technical report. Suitable for preparing a NIS2/ENS audit or responding to a critical scanner finding.
Validation of real-world impact, not just external posture. Internal + external pentesting, with social engineering when relevant. Suitable when the scanner flags a risk and you need to confirm exploitability.
Continuous monitoring, detection and response. For organizations whose external posture changes often or where the consequences of an incident justify a dedicated team.
From gap assessment and implementation to support through certification. NormexAI, our in-house evidence-automation product, complements the scanner's work in regulated environments.
If a scanner finding opens a conversation about any of these services, write to us. The first conversation is always with a technical profile, not a sales one.