This is a list of a few online tools I often use to audit for both security and speed of a site.
SSL LABS
https://www.ssllabs.com/ssltest/ – SSL Labs will determine how secure the settings are on HTTPS settings of a server. Check https://mozilla.github.io/server-side-tls/ssl-config-generator/ for way more information then you ever wanted to know about TLS and get help with some boiler plate for the web server of choice to get a good security setup.
SECURITY HEADERS IO
https://securityheaders.io – SSL Labs is good for servers, but not for browsers. Securityheaders.io will give you HTTP Headers to set to help protect the browser from itself.
YELLOW LAB TOOLS
http://yellowlab.tools – Yellowlabs is my goto tool to audit a website and determine bottle necks from a front end point of view. I like it more then other tools as it is gives the most human readable information on how to fix the issues that it finds. It also does a good job on focusing on whats current, and not the “new shiny” things like lighthouse. A docker image is also available to run so you do not have to wait in line. https://github.com/jguyomard/docker-yellowlabtools