Detect Webpage
Security Risks

WASM based scanner that runs locally on your browser and detects your web application's client-side security risks.

Download Scanner Get Started

Are you into PCI DSS?
Get full script inventory with Domdog Scanner.

Looking for help? Get in touch with us

Domdog Scanner Report

Customer Credit Card data accessed by external scripts

3 Issues found in Content Security Policy

2 Key-loggers detected

6 Dangerous APIs used

16 3rd party JavaScripts found in site

Use cases

Discover how Domdog Scanner is used across teams to extract valuable insights from large-scale and complex websites.

Security Teams

Security teams use Domdog Scanner to evaluate the client-side security of web apps. This includes assessing CSP, 3rd Party JS, Data Security, External Exposures, DOM Manipulations, Data Storage, and Communications.

Developers

Developers use the Domdog Scanner to test and implement Content Security Policy (CSP). They also use it to assess the behavior of 3rd party scripts before adding them to the application.

PCI QSAs

QSAs use Domdog Scanner to assess payment pages for PCI DSS 4.0 compliance, specifically with the new payment page requirements 6.4.3 and 11.6.1.

GRC Teams

GRC teams use Domdog Scanner to perform gap analysis and routine checks to ensure compliance with PCI DSS 4.0, GDPR, CCPA, etc.

Privacy Teams

Privacy teams use the Domdog Scanner to assess what customer data is being captured on the website and determine who it is being shared with.

Get started with Domdog Scanner

Get instant visibility into your webpage security status.

Domdog Scanner is a WebAssembly application so you can run it on all major web browsers, such as Brave, Google Chrome, Safari, Edge, and Opera.
The scanning process, including data collection, processing and report generation occurs locally on your system. We do not collect your browsing data or send it to our servers.
You can get started with the Domdog scanner by following these three steps:

Download Scanner's Burp Suite extension DomdogScannerBurpExtention.jar from here and add it to Burp Suite.
Once the extension is added, any browser that uses Burp Suite as a proxy is connected to Domdog Scanner.
Open your preferred browser and configure it to use Burp Suite as a proxy.
Check the status of your connected browser on the Domdog Scanner.

Frequently
asked questions

Answers to the most frequently asked questions.

The Domdog Scanner is free to use and does not require any specific licensing. However, its usage is bound to the terms of use.

Domdog Scanner can perform a wide range of client-side security assessments, including evaluating Content Security Policy (CSP), 3rd Party JavaScript analysis, Data Security assessment, External Exposures identification, DOM Manipulation analysis, Data Storage evaluation, and External communication assessment.

Detect Webpage
Security Risks

Domdog Scanner Report

Use cases

Security Teams

Developers

PCI QSAs

GRC Teams

Privacy Teams

Get started with Domdog Scanner

Frequently
asked questions

Don't leave your client-side unprotected

Find out how you can protect your client-side in just a matter of weeks

Detect Webpage Security Risks

Domdog Scanner Report

Use cases

Security Teams

Developers

PCI QSAs

GRC Teams

Privacy Teams

Get started with Domdog Scanner

Frequentlyasked questions

Don't leave your client-side unprotected

Find out how you can protect your client-side in just a matter of weeks

Detect Webpage
Security Risks

Frequently
asked questions