OWASP ASVS Level 2

Security audit
in one command

Pre-scan your app for CASA Tier 2 compliance. Fix issues before the assessor arrives.

Install 
$ git clone https://github.com/acoyfellow/vet && cd vet
$ bun install && bun build src/cli.ts --compile --outfile vet
$ ./vet https://your-app.com

Try it live

Runs a lightweight scan right from your browser — headers, methods, CORS, error disclosure.

🛡️

Security Headers

HSTS, CSP, X-Frame-Options, Permissions-Policy, and more.

🔒

TLS/SSL

Certificate validation, TLS 1.2+ enforcement, mixed content.

🚫

HTTP Methods

TRACE/TRACK blocked, proper 405 responses.

💬

Error Disclosure

No stack traces, no version strings, no internal paths.

🌐

CORS

No wildcard on credentialed routes, no evil origin reflection.

💉

Input Validation

SQL injection, XSS, path traversal, malformed payloads.

Read the tutorial → CLI reference