Best Self Hosted Alternatives to Censys

Web-Check is an open source OSINT tool designed to analyze any website and reveal its underlying architecture, security posture, and technology footprint. It aggregates data such as IP information, SSL chain details, DNS records, cookies, response headers, domain information, crawl rules, site map, server location, redirects, open ports, traceroute results, DNSSEC status, site performance, trackers, related hostnames, and even carbon footprint metrics.

Key Features

• IP info and network layout
• SSL chain and certificate details
• DNS records and domain information
• Cookies and response headers analysis
• Crawl rules and site map visibility
• Server location and redirects ledger
• Open ports and traceroute data
• DNSSEC presence and related security data
• Site performance metrics and trackers
• Related hostnames and asset discovery
• Carbon footprint estimation

Use Cases

• OSINT reconnaissance for security teams and threat intel
• Web security assessments and architecture discovery for devops and security engineers
• Performance and infrastructure analysis to optimize websites

Limitations and Considerations

• There is a known security advisory affecting the project’s screenshot API (command injection via unvalidated URL). Users should ensure they are on a patched release and follow secure deployment practices. (github.com)

Conclusion

• Web-Check is an open source, self-hostable OSINT solution that helps you understand a website’s internals and security posture. It supports multiple deployment options (Docker, Netlify, Vercel) and offers a hosted live demo for quick evaluation. (github.com)

Secrover is a free, open-source tool that automates generation of clear, professional HTML security audit reports for code repositories and domains. It combines dependency scanning, static code checks, and domain/SSL checks into a single shareable report.

Key Features

• Dependency vulnerability scanning using OSV-based scanners to report known issues across supported languages
• Static code checks via integrated search tools to surface potentially risky code patterns
• Domain and hosting audits: SSL/TLS, redirects, security headers, open ports, and basic hosting location info
• Produces standalone human-readable HTML reports suitable for stakeholders and public sharing
• Automation support: run one-off scans via Docker or schedule recurring scans using an internal cron (Supercronic)
• Remote export options for reports using rclone-compatible destinations (S3, SFTP, WebDAV, SMB, Google Drive)
• Support for private GitHub repositories via HTTPS Personal Access Token

Use Cases

• Generating repeatable security audit reports for open-source projects or internal repositories
• Producing client-facing or compliance-ready HTML reports after dependency and code scans
• Integrating scheduled security scans into CI workflows and exporting results to cloud storage or intranet sites

Limitations and Considerations

• Private repository cloning currently works only over HTTPS with a GitHub Personal Access Token; SSH is not supported
• Dependency scanning and language coverage depend on the capabilities of the integrated external scanners (e.g., OSV scanner)
• Scans of very large repositories or many targets may be resource- and time-intensive when run in single-container setups

Secrover is a practical choice when you need transparent, shareable security audit reports without a proprietary SaaS dependency. It is designed for simple Docker-based deployment, automation via cron or CI, and flexible export destinations for report distribution.