Blog

Notes from the scanner

Web security, privacy, and vulnerability scanning: practical guides from the team behind OnScanner.

We write about what we build and what we see in real scans: how attackers map a website from the outside, which CVEs actually get exploited and how EPSS and CISA KEV separate them from the noise, why trackers and consent banners fail privacy audits, and what SPF, DKIM, DMARC, TLS and security headers reveal about a domain before anyone logs in. No fluff, no recycled press releases; each post explains a technique, shows the evidence a scanner collects, and ends with fixes you can apply the same day.

RSS feed
← NewerPage 2 of 2