Security Scanning

Passive scanning that is safe to run against production. Checks HTTP headers, cookies, the authentication flow and information disclosure, and reports a score from 0 to 100.

How it works

The scanner checks HTTP response headers, cookie flags, authentication flow weaknesses, information disclosure, and HTTPS transport configuration. Everything is scored 0-100 with a letter grade.

The scan is entirely passive: it only reads responses and never injects payloads, so it is safe to run against production environments. Because it observes rather than probes, it reports misconfigurations that are visible in normal responses; it does not attempt to confirm that any finding is exploitable.

What gets checked

Parameter        Type      Description
Headers          check     Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, Referrer-Policy
Cookies          audit     Secure flag, HttpOnly flag, SameSite attribute on all cookies
Auth flow        analysis  Weak password policies, missing rate limiting, session management patterns
Info disclosure  scan      Stack traces in error pages, environment variables in responses, version headers
Transport        verify    HTTPS redirect, HSTS presence, mixed content warnings

Example security score output

Security Score: 72/100 (B)

[PASS] HTTPS configured, HSTS present
[PASS] Cookies have Secure flag
[WARN] Missing Content-Security-Policy header
[WARN] Session cookie missing SameSite flag
[PASS] No stack traces or env vars leaked
[PASS] X-Frame-Options set to DENY

2 findings | 0 critical | 2 medium
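
To make the checks in the table concrete, here is an added example of a passive audit over an already-captured response. It is not the product's scanner: it never sends a request, only inspects the URL scheme, response headers and body, and renders its result in the same shape as the output above. The header weights, cookie penalties, letter-grade cut-offs, leakage marker strings and the sample capture are all assumptions chosen for illustration.

```python
# Passive audit of a captured HTTP response: added example, not the product's scanner.
# Nothing is sent; only already-received headers and body are inspected. Weights,
# cut-offs, marker strings and the sample capture are assumptions for illustration.
import re
from dataclasses import dataclass

# Penalty for each missing response header (assumed weights).
REQUIRED_HEADERS = {"content-security-policy": 15, "strict-transport-security": 15,
                    "x-frame-options": 10, "x-content-type-options": 5, "referrer-policy": 5}
# Cookie attribute -> (label in the report, penalty when absent).
COOKIE_ATTRS = {"secure": ("Secure flag", 10), "httponly": ("HttpOnly flag", 5),
                "samesite": ("SameSite attribute", 5)}
# Constructed markers of stack traces / environment values leaking into bodies.
LEAK_MARKERS = ("Traceback (most recent call last)", "at java.", "PHP Fatal error",
                "AWS_SECRET_ACCESS_KEY", "DATABASE_URL", "SECRET_KEY")
VERSION_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

@dataclass
class Finding:
    level: str  # PASS, WARN or FAIL
    message: str
    penalty: int = 0

def _grade(score: int) -> str:
    # Cut-offs chosen so that 72/100 is a B, matching the sample output.
    for cutoff, letter in ((90, "A"), (70, "B"), (50, "C"), (30, "D")):
        if score >= cutoff:
            return letter
    return "F"

def _parse_set_cookie(value: str) -> tuple[str, set[str]]:
    """Return (cookie name, lower-cased attribute names) from a Set-Cookie value."""
    parts = [p.strip() for p in value.split(";")]
    return parts[0].split("=", 1)[0], {p.split("=", 1)[0].lower() for p in parts[1:] if p}

def audit_response(url: str, headers: list[tuple[str, str]], body: str) -> dict:
    """Score one captured response; headers is a list because Set-Cookie repeats."""
    findings: list[Finding] = []
    hdr = {n.lower(): v for n, v in headers if n.lower() != "set-cookie"}
    cookies = [_parse_set_cookie(v) for n, v in headers if n.lower() == "set-cookie"]
    # Transport: HTTPS, HSTS and mixed content.
    is_https = url.lower().startswith("https://")
    if not is_https:
        findings.append(Finding("FAIL", "Page not served over HTTPS", 30))
    elif "strict-transport-security" in hdr:
        findings.append(Finding("PASS", "HTTPS configured, HSTS present"))
    if is_https and re.search(r"""\bsrc=["']http://""", body, re.I):
        findings.append(Finding("WARN", "Mixed content: http:// resource on an HTTPS page", 10))
    # Security headers: one WARN per missing header.
    for header, penalty in REQUIRED_HEADERS.items():
        if header not in hdr:
            findings.append(Finding("WARN", f"Missing {header.title()} header", penalty))
    if hdr.get("x-frame-options", "").upper() == "DENY":
        findings.append(Finding("PASS", "X-Frame-Options set to DENY"))
    # Cookies: every Set-Cookie is checked for Secure, HttpOnly and SameSite.
    for cname, attrs in cookies:
        for attr, (label, penalty) in COOKIE_ATTRS.items():
            if attr not in attrs:
                findings.append(Finding("WARN", f"Cookie {cname} missing {label}", penalty))
    if cookies and all("secure" in attrs for _, attrs in cookies):
        findings.append(Finding("PASS", "Cookies have Secure flag"))
    # Information disclosure: leakage in the body, version strings in headers.
    leaked = [m for m in LEAK_MARKERS if m in body]
    if leaked:
        findings.append(Finding("FAIL", "Response body leaks: " + ", ".join(leaked), 20))
    else:
        findings.append(Finding("PASS", "No stack traces or env vars leaked"))
    for h in VERSION_HEADERS:
        if h in hdr and re.search(r"\d", hdr[h]):
            findings.append(Finding("WARN", f"{h.title()} header discloses a version: {hdr[h]}", 5))
    score = max(0, 100 - sum(f.penalty for f in findings))
    return {"score": score, "grade": _grade(score), "findings": findings}

def format_report(report: dict) -> str:
    # Same layout as the sample score output: header, findings, summary line.
    lines = [f"Security Score: {report['score']}/100 ({report['grade']})", ""]
    lines += [f"[{f.level}] {f.message}" for f in report["findings"]]
    issues = [f for f in report["findings"] if f.level != "PASS"]
    critical = sum(1 for f in issues if f.level == "FAIL")
    lines += ["", f"{len(issues)} findings | {critical} critical | {len(issues) - critical} medium"]
    return "\n".join(lines)

# Constructed capture (not real traffic): one header missing, one cookie lacking SameSite.
SAMPLE_URL = "https://app.example.test/login"
SAMPLE_HEADERS = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("X-Frame-Options", "DENY"),
    ("X-Content-Type-Options", "nosniff"),
    ("Referrer-Policy", "no-referrer"),
    ("Server", "nginx"),
    ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly"),
    ("Set-Cookie", "prefs=dark; Path=/; Secure; HttpOnly; SameSite=Lax"),
]
SAMPLE_BODY = "<html><body><form method='post' action='/login'></form></body></html>"

if __name__ == "__main__":
    print(format_report(audit_response(SAMPLE_URL, SAMPLE_HEADERS, SAMPLE_BODY)))
```

Run as-is, the sample capture scores 80/100 (B) with two medium findings: the missing Content-Security-Policy header and the session cookie without SameSite. Feeding it a plain-http capture with a versioned Server header, an unflagged cookie and an environment value in the body drives the score to 0 (F), which is the other end of the same scale; in both cases the code has only read data, which is the property that makes the check production-safe.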
Note
The security scan does not require authentication. You can run it on its own or as part of a full product test.