Sitecheck

Sucuri SiteCheck (sitecheck.sucuri.net) is a free online website security scanner that performs external blacklist checks, malware detection, website integrity analysis, and basic security configuration assessment for any publicly accessible URL. It checks target websites against multiple malware and blacklist databases while also scanning for known indicators of compromise in the site's external-facing content.

For OSINT investigators working web application security cases, phishing investigations, or brand protection work, SiteCheck provides quick intelligence about whether a target website is currently flagged as malicious by security vendors, has known malware injections in its source code, or appears on domain blacklists used by browsers and email security systems.

Blacklist status checking is particularly relevant for phishing investigation workflows. When investigating a suspicious URL found in a phishing email or social media post, SiteCheck rapidly determines whether the domain is already known to major security services — Google Safe Browsing, McAfee SiteAdvisor, Norton SafeWeb, and others — providing immediate context about whether the threat is known or novel.

The external malware scan checks the loaded resources, JavaScript files, and page content for known malware signatures, drive-by download scripts, and injected redirect code. Compromised legitimate websites that are being used as phishing hosts or malware distributors frequently show malware injection indicators that SiteCheck surfaces.

SiteCheck also reports on the website's CMS version (WordPress, Joomla, Drupal), outdated plugins, and server software — information useful for both security assessments and for building a technical profile of a target site.

Record the URL scanned, scan timestamp, blacklist status results, and any malware indicators found in investigation notes.