NC3 Knowledge base


Website Application Testing

After entering a website's domain name, we will test whether the website supports various modern Internet standards such as:
  • Content Security Policy (CSP) header
  • Cross-Origin Resource Sharing (CORS)
  • HTTP Strict Transport Security (HSTS) header implementation

This platform is providing a tool in order to verify the reachability of your server from a modern internet address (IPv6).

This platform is providing a tool to assess your web server configuration, software versions and potential vulnerabilities.


Our suite of tools is able to verify a series of standards concerning the proper implementation of an email server.
  • Parses and validates MX, SPF, and DMARC records
  • Checks the presence and validity of DKIM public key
  • Checks for DNSSEC deployment
  • Lists name servers
  • Checks for STARTTLS and TLS support on each mail server



HTTPS (HyperText Transfer Protocol Secure) is an encrypted version of the HTTP protocol. It uses SSL or TLS to encrypt all communication between a client and a server.


HTTP Strict Transport Security lets a website inform the browser that it should never load the site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead. It consists in one HTTP header, Strict-Transport-Security, sent by the server with the resource.


DMARC and SPF are protections against email phishing.

DMARC record is a TXT record that contains instructions for how an email server should handle an email that fails authentication. Using DMARC records, you can control if email receivers should reject, quarantine, or do nothing with a suspicious email.

The Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during the delivery of an email.

Domain signature (DNSSEC)

The Domain Name System Security Extensions are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS).


DomainKeys Identified Mail is an email authentication method designed to detect forged sender addresses in email (email spoofing).

DKIM allows the receiver to check that an email that claimed to have come from a specific domain was indeed authorized by the owner of that domain.