Free WordPress tools
Four checks. Sixty seconds.
Public-side checks for WordPress site owners. No tracking pixels, no login, no API key. Run them, share the output.
Looking for pentest, bug bounty consulting, triage, or advisory? See all services →
Blocklist status
Is your domain flagged by Sucuri, Google Safe Browsing, or Yandex right now?
Security headers
Grade your HTTP response headers against current best practices.
WordPress version
Detect a public WordPress install and list CVEs filed against that version.
Hacked checklist
Ten yes/no questions. Honest answer at the end.
Free download
WordPress hardening checklist (PDF)
Printable. Ten steps. The same checklist applied at the end of every cleanup.
Start an engagement.
Send the scope, stack, and timeline. You get a written proposal with a fixed quote.