I built SecURL for low-noise external posture review of public sites. It reads what a browser, auditor, or researcher can already see, headers, TLS, cookies, redirects, and DNS/email posture, then turns that into clear findings and stakeholder-ready reports, without noisy recon. There is a free hosted scanner and an npm engine. Would love feedback from this community: https://securl.online
