WEA is a professional client-side security scanner designed to help developers, pentesters, and security enthusiasts quickly identify potential vulnerabilities in web applications. It inspects every element of a website, detects risky behaviors, and highlights issues in real-time.
~Features: Deep in-page scanning for DOM XSS, unsafe inputs, file upload surfaces, CSRF, IDOR, and mixed content. Detection of third-party scripts and sensitive browser APIs. Highlights risky elements directly on the page for easy review. Real-time scan progress and dynamic SPA support. Clear, actionable mitigation advice for each finding. Lightweight, fully client-side, and does not require server access.
~Who is it for: Web developers wanting to harden their sites. Security professionals performing client-side assessments. Educators and students learning web security.
