# Web-Check — All-in-One Website OSINT and Analysis Dashboard > Web-Check is a self-hosted dashboard that aggregates DNS, SSL, security headers, performance, and dozens of other checks for any website into a single comprehensive report. ## Install Save as a script file and run: # Web-Check — All-in-One Website OSINT and Analysis Dashboard ## Quick Use ```bash # Run with Docker docker run -d -p 3000:3000 --name web-check lissy93/web-check # Or clone and run locally git clone https://github.com/Lissy93/web-check.git cd web-check yarn install && yarn build && yarn serve ``` ## Introduction Web-Check provides a single dashboard that runs dozens of analysis checks against any URL. Enter a domain and get back DNS records, SSL certificate details, WHOIS data, HTTP headers, open ports, technology stack detection, and more. It is useful for security audits, competitive research, and debugging. ## What Web-Check Does - Aggregates 30+ checks including DNS, WHOIS, SSL chain, HTTP security headers, and redirect chains into one report - Detects the technology stack (frameworks, CMS, CDN, analytics) using Wappalyzer-compatible fingerprinting - Shows server location, ASN information, and IP geolocation on an interactive map - Scans for open ports, exposed services, and DNS misconfigurations - Displays Lighthouse-style performance and accessibility scores alongside security analysis ## Architecture Overview Web-Check is a Next.js application with a React frontend and serverless API routes. Each analysis module runs as an independent API handler that queries external services or parses raw DNS and HTTP responses. Results stream back to the frontend where they render as interactive cards. The app can run fully self-hosted with no external API keys required for core functionality, though some modules support optional API keys for enhanced data. ## Self-Hosting & Configuration - Deploy via Docker, Docker Compose, Vercel, or Netlify with minimal configuration - Set optional API keys via environment variables for Shodan, VirusTotal, Google Safe Browsing, and other enrichment services - Configure behind a reverse proxy with standard Nginx or Caddy HTTPS termination - Customize the UI theme and disable specific check modules via environment variables - Supports running on ARM architectures including Raspberry Pi ## Key Features - Zero mandatory external dependencies: core checks (DNS, WHOIS, headers, SSL) work without API keys - Clean responsive dashboard with dark mode and collapsible result cards - Export results as JSON or PDF for documentation and compliance reports - Each check module is independent, so failures in one do not block others - Open source with an active community and frequent updates ## Comparison with Similar Tools - **Netcraft** — commercial web analysis service; Web-Check is free and self-hosted - **SecurityHeaders.com** — checks only HTTP headers; Web-Check covers DNS, SSL, WHOIS, and more - **BuiltWith** — technology detection only; Web-Check adds security and infrastructure analysis - **Shodan** — deep internet scanning platform; Web-Check is lighter and focused on per-site dashboards - **Nmap** — command-line port and service scanner; Web-Check adds a web UI and non-network checks ## FAQ **Q: Does Web-Check require API keys?** A: Core checks work without any keys. Optional keys for Shodan, VirusTotal, and others unlock additional enrichment modules. **Q: Is it safe to scan sites I do not own?** A: Web-Check performs passive analysis (DNS lookups, HTTP requests, public WHOIS). It does not exploit vulnerabilities. However, respect terms of service and local laws when analyzing third-party sites. **Q: Can I run Web-Check on a Raspberry Pi?** A: Yes. Docker images are available for ARM64 and ARM7 architectures. **Q: How do I add custom checks?** A: Each check is a standalone API route in the `api/` directory. Add a new file exporting a handler function and register it in the frontend config. ## Sources - https://github.com/Lissy93/web-check - https://web-check.xyz/ --- Source: https://tokrepo.com/en/workflows/asset-785782af Author: Script Depot