How the n8n OWASP Scanner Works & How to Set It Up How It Works (Simple Flow): Input: Enter target URL + endpoint (e.g., https://example.com, /login) Scan: This workflow executes 5 parallel HTTP tests (Headers, Cookies, CORS, HTTPS, Methods) Analyze: Pure JS logic checks OWASP ASVS (Application Security Verification Standard) rules (no external tools) Merge: Combines all findings into one Markdown report Output: Auto-generates + downloads scan-2025-11-16_210900.md (example filename) Email: (Optional) Forward the report to an email address using Gmail. --- Setup in 3 Steps (2 Minutes) Import Workflow Copy the full JSON (from "Export Final Workflow") In n8n → Workflows → Import from JSON → Paste → Import (Optional) Connect your Gmail credentials In the last node to auto-email the report Click Execute the workflow Enter a URL in the new window, then click 'submit'. You can alternatively download or receive the Markdown report directly from the Markdown to File node --- (Supports any HTTP/HTTPS endpoint. Works in n8n Cloud or self-hosted.)
