SiteGuardLite
Run auditCase studyArchitecture
Non-invasive by design
Back to SiteGuard Lite
Responsible disclosure

Security Policy

SiteGuard Lite is designed to inspect public signals while protecting the service, the person running the audit, and the website being reviewed.

Last reviewed July 10, 2026
On this pageSecurity boundaryService protectionsExcluded testingReport a vulnerabilityResearch rulesData handlingSupported version
Private reporting channel

Do not publish exploit details, credentials, private data, or a working attack. Send a concise report to siddharth.sudhir77@gmail.com.

01

Security boundary

SiteGuard Lite accepts a public HTTP or HTTPS URL and performs a small number of server-side requests. Security-sensitive areas include URL parsing, DNS resolution, private-address detection, redirect validation, TLS inspection, response-size limits, concurrency, rate limiting, parsing, report export, and error handling.

02

Service protections

The application rejects private and reserved network destinations, restricts supported protocols and ports, validates redirect targets, pins validated public addresses for outbound requests, limits response sizes, applies timeouts, caps link and image samples, and rate-limits repeated audits.

These controls reduce risk but do not make the service immune to every implementation flaw, deployment mistake, dependency issue, or new attack technique.

03

Testing intentionally excluded

The project must not be extended to perform credential testing, login attempts, account enumeration, exploit payloads, malware execution, unrestricted port scanning, private-network access, denial-of-service testing, aggressive crawling, or attempts to bypass authorization.

04

Report a vulnerability

A useful report includes the affected route or component, a clear description, safe reproduction steps, expected and actual behavior, potential impact, and a suggested mitigation when available.

Email a private security report
05

Responsible research rules

Test only a local instance, your own deployment, or an environment for which you have explicit permission. Do not access data that is not yours, degrade availability, retain private information, send automated high-volume traffic, or publicly disclose an issue before a reasonable remediation discussion.

06

Data handling

The application does not include a database for storing submitted URLs or completed reports. A report remains in the browser session unless the user exports it. Hosting providers, reverse proxies, rate-limit services, and infrastructure logs may still process technical request data according to the deployed environment.

Do not submit private intranet addresses, secret URLs, embedded credentials, access tokens, or sensitive query parameters.

07

Supported version

The latest maintained version of the project receives security fixes. Older copies and independently modified deployments may not contain current protections.

SiteGuardLite

Created by Siddharth Sudhir

Software engineer and founder of HazeEdge

I build reliable web products, security-minded backend systems, and practical digital experiences that are clear enough for real businesses to use.

Connect
PortfolioLinkedInEmail
Policies
Terms and ConditionsSecurity PolicyProduct Case Study

SiteGuard Lite is a limited automated first-pass assessment. Results may be incomplete or inaccurate and should not be treated as a security certification, compliance review, or substitute for a professional audit.

© 2026 Siddharth Sudhir. All rights reserved.

Public signals only. No invasive testing.