Web Security Scanner for OWASP Compliance with Markdown Reports

Description

How the n8n OWASP Scanner Works & How to Set It Up

How It Works (Simple Flow):
Input**: Enter target URL + endpoint (e.g., https://example.com, /login)
Scan**: This workflow executes 5 parallel HTTP tests (Headers, Cookies, CORS, HTTPS, Methods)
Analyze**: Pure JS logic checks OWASP ASVS (Application Security Verification Standard) rules (no external tools)
Merge**: Combines all findings into one Markdown report
Output: Auto-generates + downloads scan-2025-11-16_210900.md (example filename)
Email:** (Optional) Forward the report to an email address using Gmail.

Setup in 3 Steps (2 Minutes)

Import Workflow
Copy the full JSON (from "Export Final Workflow")
In n8n → Workflows → Import from JSON → Paste → Import

(Optional) Connect your Gmail credentials
In the last node to auto-email the report

Click Execute the workflow
Enter a URL in the new window, then click 'submit'.

You can alternatively download or receive the Markdown report directly from the Markdown to File node

(Supports any HTTP/HTTPS endpoint. Works in n8n Cloud or self-hosted.)