Web Security Scanner for OWASP Compliance with Markdown Reports

How the n8n OWASP Scanner Works & How to Set It Up

How It Works (Simple Flow): Input**: Enter target URL + endpoint (e.g., https://example.com, /login) Scan**: This workflow executes 5 parallel HTTP tests (Headers, Cookies, CORS, HTTPS, Methods) Analyze**: Pure JS logic checks OWASP ASVS (Application Security Verification Standard) rules (no external tools) Merge**: Combines all findings into one Markdown report Output: Auto-generates + downloads scan-2025-11-16_210900.md (example filename) Email:** (Optional) Forward the report to an email address using Gmail.

Setup in 3 Steps (2 Minutes)

Import Workflow Copy the full JSON (from "Export Final Workflow") In n8n → Workflows → Import from JSON → Paste → Import

(Optional) Connect your Gmail credentials In the last node to auto-email the report

Click Execute the workflow Enter a URL in the new window, then click 'submit'.

You can alternatively download or receive the Markdown report directly from the Markdown to File node

(Supports any HTTP/HTTPS endpoint. Works in n8n Cloud or self-hosted.)