Tools

Site Scanners and Online Tools

This is a list of a few online tools I often use to audit for both security and speed of a site.

SSL LABS

https://www.ssllabs.com/ssltest/ – SSL Labs will determine how secure the settings are on HTTPS settings of a server.  Check https://mozilla.github.io/server-side-tls/ssl-config-generator/ for way more information then you ever wanted to know about TLS and get help with some boiler plate for the web server of choice to get a good security setup.

SECURITY HEADERS IO

https://securityheaders.io – SSL Labs is good for servers, but not for browsers.  Securityheaders.io will give you HTTP Headers to set to help protect the browser from itself.

YELLOW LAB TOOLS

http://yellowlab.tools – Yellowlabs is my goto tool to audit a website and determine bottle necks from a front end point of view.  I like it more then other tools as it is gives the most human readable information on how to fix the issues that it finds.  It also does a good job on focusing on whats current, and not the “new shiny” things like lighthouse.  A docker image is also available to run so you do not have to wait in line.  https://github.com/jguyomard/docker-yellowlabtools