Security Toolkit

Free tools for domain security

Run instant security checks on any domain. Each tool scans a specific attack vector and returns an A–F grade with actionable remediation steps.

Scans all 6 modules. No account required.
B

Every scan returns an A–F security grade

Composite score across all modules — plus per-module breakdowns with specific remediation steps.

View full domain reports
FreeAPI
DNS Security Check
Validate DMARC, SPF, DNSSEC, and MX configuration in one scan. Returns a unified security grade for all DNS records.
DMARCSPFDNSSECMX
Run Check →
FreeAPI
DMARC Checker
Check DMARC policy, alignment mode, and enforcement level. Identifies spoofing vulnerabilities and returns an email-specific security grade.
DMARCPolicyAlignmentpct
Run Check →
FreeAPI
SPF Record Validator
Validate SPF syntax, DNS lookup count limits, and alignment. Catches the "too many lookups" problem before it breaks your email delivery.
SyntaxLookupsQualifier
Run Check →
FreeAPI
HTTP Security Headers
Scan HSTS, CSP, X-Frame-Options, Referrer-Policy, and more. See exactly which headers are present, missing, and how they affect your security posture.
HSTSCSPX-FrameReferrer
Run Check →
FreeAPI
MX Record Checker
Look up MX records and understand what they mean for security. Identifies inconsistent routing, dangling records, and mail delivery issues.
MXPriorityRouting
Run Check →
FreeAPI
SSL Certificate Scanner
Inspect SSL/TLS certificates, check expiry dates, TLS version support, cipher suites, and certificate chain issues. Catch problems before they cause browser warnings.
CertificateTLSCipherExpiry
Run Check →
FreeAPI
Email Security Checker
Validate your domain's full email authentication stack in one scan. Checks SPF, DKIM, DMARC policy, and MX records — the four protocols that prevent email spoofing and phishing.
SPFDKIMDMARCMX
Run Check →
01

Enter a domain

Type any domain — no account, no setup. The scan starts immediately.

02

Get your grade

Each module returns an A–F grade with specific findings and severity levels.

03

Fix what matters

Prioritized remediation steps tell you exactly what to change and why.

REST API

Automate with the API

Run any tool programmatically. Integrate security checks into your CI/CD pipeline, monitoring stack, or client-facing dashboards.

curl -X POST https://api.compliancelayer.net/v1/scan \
  -H "Authorization: Bearer cl_..." \
  -d '{"domain": "example.com"}'
View API Docs →Get Free Key
Bulk Scanning

Scan 1,000+ domains at once

Built for MSPs and compliance teams managing multi-tenant environments. Upload a CSV or hit the bulk endpoint — results in minutes.

50K+
Domains scanned
<3s
Avg. scan time
6
Security modules
Start Bulk Scan →