Resources - ScanWeb Security Scanner

📚 Documentation

Simple guides and documentation to help you understand ScanWeb's basic security scanning capabilities.

Getting Started

ScanWeb is a basic security scanner. Simply enter a URL and our scanning engine will check for missing security headers, detect script tags, and identify potential SQL injection patterns.

Scan Types

Security Headers Check: Identifies missing X-Frame-Options, Content-Security-Policy, and Strict-Transport-Security headers
Script Tag Detection: Simple detection of <script> tags in page content
SQL Pattern Check: Basic pattern matching for common SQL injection characters in URLs

Understanding Results

Scan results show:

Missing Headers: List of security headers not found on the target site
Script Tags Found: Boolean indicating presence of script tags
SQL Risk: Boolean indicating potential SQL injection patterns in URL

🔧 API Reference

ScanWeb provides a simple REST API for basic security scanning. The source code is available on GitHub.

GitHub Repository: https://github.com/REXFEDEC/vulscan

Base URL

https://scanner.goneto.space

Scan Endpoint

GET /scan?url={target_url}

Response:
{
  "url": "https://example.com",
  "results": {
    "missing_headers": ["Content-Security-Policy", "X-Frame-Options"],
    "script_tags_found": true,
    "sqli_risk": false
  }
}
            

Backend Implementation

The scanner performs these basic checks:

Checks for presence of X-Frame-Options, Content-Security-Policy, and Strict-Transport-Security headers
Searches page content for <script> tags (case-insensitive)
Scans URL for SQL injection patterns: single quotes, double quotes, SQL comments (-- and /* */)

💬Support

Get help with ScanWeb, report issues, or request new features through our support channels.

Contact Information

Email Support: sameermann5335@gmail.com

For technical support, bug reports, feature requests, or general inquiries, please reach out via email. We typically respond within 24-48 hours.

Common Issues

Scan Timeout: Large websites may take longer to scan. Try scanning specific pages instead of the entire domain.
Access Denied: Some websites block automated scanning. This is normal security behavior.
Incomplete Results: Sites with heavy JavaScript may require multiple scans for complete analysis.

Best Practices

For optimal results, scan websites during low-traffic periods and ensure you have permission to scan the target domain.

📝Changelog

Track the evolution of ScanWeb through our version history and feature updates.

v3.1 - Current August 2025

UI Improvements & Enhanced User Experience
Major interface redesign with dark/light theme support, improved scan result visualization, enhanced mobile responsiveness, and streamlined user workflows. Added real-time scan progress indicators and improved accessibility features.

v3.0 August 2025

AI-Powered Security Analysis
Introduced advanced AI capabilities for intelligent threat detection and automated security recommendations. Added machine learning-based vulnerability pattern recognition, contextual security advice, and predictive risk assessment features.

v2.0 August 2025

Extensive Backend Infrastructure
Complete backend overhaul with comprehensive security header analysis, SQL injection detection capabilities, script tag evaluation, and detailed vulnerability reporting. Added API endpoints and improved scan performance.

v1.0 August 2025

Initial Release - HTTP vs HTTPS Recognition
First version featuring basic website security assessment with HTTP/HTTPS protocol detection, SSL certificate validation, and fundamental security posture evaluation. Established the foundation for comprehensive security scanning.