Detect Webpage
Security Risks
WASM based scanner that runs locally on your browser and detects your web application's client-side security risks.
Are you into PCI DSS?
Get full script inventory with Domdog Scanner.
Looking for help? Get in touch with us
Domdog Scanner Report
Use cases
Discover how Domdog Scanner is used across teams to extract valuable insights from large-scale and complex websites.
Security Teams
Security teams use Domdog Scanner to evaluate the client-side security of web apps. This includes assessing CSP, 3rd Party JS, Data Security, External Exposures, DOM Manipulations, Data Storage, and Communications.
Developers
Developers use the Domdog Scanner to test and implement Content Security Policy (CSP). They also use it to assess the behavior of 3rd party scripts before adding them to the application.
PCI QSAs
QSAs use Domdog Scanner to assess payment pages for PCI DSS 4.0 compliance, specifically with the new payment page requirements 6.4.3 and 11.6.1.
GRC Teams
GRC teams use Domdog Scanner to perform gap analysis and routine checks to ensure compliance with PCI DSS 4.0, GDPR, CCPA, etc.
Privacy Teams
Privacy teams use the Domdog Scanner to assess what customer data is being captured on the website and determine who it is being shared with.
Get started with Domdog Scanner
Domdog Scanner consists of two components: Scanner and BurpSuite Extension.
- Scanner is a WebAssembly application that runs on all major web browsers, including Brave, Google Chrome, Safari, Edge, and Opera.
- BurpSuite Extension is a JAR file that must be added to your BurpSuite installation.
All scanning processes—including data collection, processing, and report generation—occur locally on your system. We do not collect or transmit your browsing data to our servers.
Follow these three steps to get started with Domdog Scanner: