From Docker to WebCheck

Have you ever set up a cybersecurity tool, fired it up on your localhost, and felt that rush of excitement just before the results come in? That’s exactly how it felt when I got WebCheck running on my system, and the insights were worth every second.

Here’s how it went down: I recently installed WebCheck, an open-source web security tool, on my Casa OS running on Zorin OS through the terminal. I containerized it with Docker, pulling the image and firing up the app on my localhost. Once it was up and running at http://192.168.1.196:13000/, it was game on.

I needed a target to test out WebCheck’s capabilities, and I thought, why not go big? So, I picked visitmalawi.mw. Little did I know, I was about to uncover a mix of successes and failures that painted a pretty intriguing picture.

The Setup: Making It Happen

Setting up WebCheck wasn’t just a random whim. It was a calculated move to boost my hands-on experience with cybersecurity tools. Here’s how I got it done:

• Step 1: Casa OS Installation

• Step 2: Docker Configuration

• Step 3: Firing Up WebCheck

• Step 4: Choosing the Target

• Step 5: Vulnerability Scan Results

---

The Results:

In just 26 seconds, WebCheck hit me with a full breakdown of the website’s security status. It was a wild ride, and here’s the verdict:

✅ Successes: What Worked Well

• SSL and TLS Security Configuration:

• DNS Security and Firewall:

• HTTP Security Headers and HSTS:

• Social Tags and Threat Detection:

• TLS Cipher Suites:

❌ Failures: Where It Fell Short

• IP Retrieval and Location:

• Tech-Stack Identification:

• Server Information and Mail Configuration:

• Carbon Emission Check:

• Screenshot Capture:

Key Takeaways: What I Learned This experiment wasn’t just about running a tool—it was about analyzing the output and interpreting what went wrong and why. Here’s what I took away from this run:

Expect Failures: Successes Matter Too: Dig Deeper: