workflows.fit
Back to n8n workflows
n8n templateFreeBy Dale Dunlop

WebSecScan: AI-powered website security auditor

WebSecScan: AI-Powered Website Security Auditor This n8n workflow provides comprehensive website security analysis by leveraging OpenAI's models to detect vulnerabilities, configuration issues, and security misconfigu...

DevelopmentCore NodesCommunicationHITLAILangchainForm TriggerHttp Request
Loading interactive preview...

Template notes

WebSecScan: AI-Powered Website Security Auditor

This n8n workflow provides comprehensive website security analysis by leveraging OpenAI's models to detect vulnerabilities, configuration issues, and security misconfigurations. The workflow generates a professional HTML security report delivered directly via Gmail.

Key Features

- Dual-Layer Security Analysis: Performs parallel security audits using specialized OpenAI agents: - Header Configuration Audit: Analyzes HTTP headers, CORS policies, CSP implementation, and cookie security - Vulnerability Assessment: Identifies XSS vectors, information disclosure, and client-side weaknesses - Detailed Security Grading: Automatically calculates a security grade (A+ to F) based on findings severity and quantity

- Professional Report Generation: Creates a comprehensive HTML report with: - Security grade visualization - Color-coded vulnerability categories - Detailed recommendations with example configuration fixes - Header presence/absence indicators - Implementation guidance for remediation

- Non-Invasive Testing: Performs analysis without active scanning or exploitation attempts

Technical Implementation

- Multi-Agent Architecture: Utilizes two specialized OpenAI agents with custom prompts tailored for security analysis - Advanced Header Analysis: Detects presence and proper implementation of critical security headers: - Content-Security-Policy - Strict-Transport-Security - X-Content-Type-Options - X-Frame-Options - Referrer-Policy - Permissions-Policy