SShortSingh.
Back to feed

Developer launches SecURL, a free all-in-one web security scanner, after six-month delay

0
·1 views

A developer has publicly launched SecURL, a web security scanning tool built roughly six months ago but never formally released due to unresolved UX issues and missing infrastructure. The tool scans a URL in about 30 seconds and checks HTTP security headers, TLS configuration, DMARC, SPF, DKIM, DNSSEC, cookie flags, redirect chains, and third-party script exposure, returning an A-to-F grade with severity-ranked findings. Before shipping, the developer addressed several interface bugs, including a layout gap, a truncated navigation bar, and uniform grade colours that failed to distinguish good results from poor ones. Misleading copy on the marketing site was also corrected, as the phrase 'active checks' contradicted the tool's passive, non-invasive scanning approach. SecURL is now live at app.securl.online, requires no account, and has been accompanied by a Product Hunt profile and social media presence to support its belated launch.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Trelix grows from v1.0 to v2.7 in 13 days with knowledge graphs and agentic search

Developer tool Trelix evolved rapidly from its initial release to v2.7.0 over just thirteen days, shipping seven minor versions that transformed it from a basic code-search tool into a broader platform. Key additions included a knowledge graph built on NetworkX with Louvain community detection, which groups codebase files into architectural modules and labels them using an LLM. Retrieval expanded from three legs to seven, incorporating research-backed techniques such as RAPTOR-style file summarization and HyDE hypothetical document embeddings. A notable silent bug was also fixed in v2.7.0, where AdaptiveRouter accepted a configuration parameter but ignored it entirely, defaulting to environment variables instead. Other features added during this period include federated multi-repo search, an agentic query loop, and a GitHub Actions bot for automated PR review.

0
ProgrammingDEV Community ·

Puppetlabs Releases 24 Forge Modules in June 2026, Including New Windows Security Tool

Puppetlabs shipped 24 module updates to the Puppet Forge in June 2026, highlighted by a brand-new security_policy module for managing Windows local security policies via the Puppet Resource API. The new module replaces manual tools like secedit and covers all 45 Windows Privilege Rights along with System Access settings. A broad maintenance pass updated 15 modules — including apache, mysql, and postgresql — to loosen their stdlib dependency constraints, enabling compatibility with the newly released stdlib 10.x. Several modules, such as accounts, java, and postgresql, also dropped Puppet 7 support as part of a Puppet 8 alignment effort ahead of Puppet 7 reaching end-of-life. Additionally, Security Compliance Management 3.8.0 patched approximately 40 CVEs across bundled third-party components and updated its CIS-CAT Pro Assessor to add new STIG benchmarks for platforms including RHEL 10 and Amazon Linux 2023.

0
ProgrammingDEV Community ·

Non-Jailbreak iOS GPS Spoofing App Gains Traction Among Developers

A JavaScript-based iOS app called iOS Location Spoofer allows users to manipulate GPS data on non-jailbroken devices, attracting over 1,800 stars on GitHub. The app integrates modules such as Shadowrocket and Surge, enabling proxy capabilities alongside location spoofing without requiring users to compromise device security through jailbreaking. While its non-jailbroken approach preserves iOS sandboxing and device integrity, the use of JavaScript introduces performance overhead compared to native alternatives. Security experts and developers raise concerns about potential misuse, particularly for location-dependent services like ride-hailing apps that rely on accurate GPS data. Broader ethical and legal questions also loom, including whether Apple will move to block such tools as location data grows increasingly critical across industries.