Run a scan
Try Free for 15 Days — No credit card required · Billing starts January 1, 2027 at $7.95 per month

We scan your code for
WordPress, YouTube, TikTok, Shopify

We scan, then we forget. You keep what you want.

No credit card required · Billing starts January 1, 2027 at $7.95 per month

app.allscantool.com/scan
Paste Source Code
auto-detect Ready
> Delivery-Layer Engine ready.
> Paste code and click Run Scan to begin.
Findings
🔍

No scan results yet — paste code and click Run Scan.

Scan Reports
📋

No reports available. Run a scan first.

Ask questions about your scan results — the engine analyzes your code and findings locally.

AST Response
📁

Click to add a file or drag and drop — files load into the code area

Auto-detect language

Detect file extension or code patterns to select scan rules

Show terminal output

Display engine progress and status lines during scan

Enable WordPress rules

Scan for eval(), nonce checks, unsanitized echo, DB queries

Enable Shopify rules

Scan for unescaped Liquid, hardcoded keys, insecure scripts

Enable embed rules

Scan TikTok and YouTube embeds for consent, IP exposure, autoplay

Enable third-party script rules

Scan for hardcoded API keys, missing SRI hashes, pre-consent scripts

🔒
History is a Pro feature.
Your scan history is saved locally in your browser — accessible only with an active Professional subscription.

We scan, then we forget. You keep what you want.
Try Free for 15 Days — No Credit Card Required
Reports
Risk Score
Findings 0
Critical 0
Warnings 0
Info 0

🔒

No Logs Policy

No code, metadata, or scan activity is ever stored

🚫

No Storage

Nothing written to disk, database, or cache

⏱️

No Retention

Close the page — everything is discarded instantly

🌐

Runs in Your Browser

All processing happens client-side — no uploads

How It Works

Three steps. No account needed during trial. No code leaves your machine.

1

Paste Your Source Code

Drop in PHP, JavaScript, HTML, CSS, Liquid, or any plain-text source from a WordPress plugin, Shopify theme, TikTok embed, or YouTube integration.

2

The Engine Scans Locally

The Delivery-Layer Engine processes scanning rules directly in your browser. No uploads required. Results appear in seconds.

3

Keep What You Want, Forget the Rest

Review findings by severity. Export a private report. The moment you close the page, the engine discards everything.

What It Catches

Platform-specific rules for the ecosystems freelancers actually work in.

WordPress

  • [Critical] eval() in theme or plugin code
  • [High] Direct DB queries without escaping
  • [Medium] Unsanitized echo of user input
  • [Low] AJAX handler without nonce check

Shopify

  • [Critical] Unescaped customer object in Liquid
  • [High] Hardcoded API key in theme.js
  • [Medium] Insecure external script in theme
  • [Low] Missing integrity hash on CDN asset

TikTok & YouTube Embeds

  • [High] Embed fires without GDPR consent
  • [High] Visitor IP sent to Google on load
  • [Medium] Visitor data sent on page load
  • [Low] Autoplay without user gesture

Third-Party Scripts

  • [Critical] Hardcoded API key in frontend JS
  • [High] External script without SRI integrity hash
  • [Medium] Script loads before consent banner
  • [Low] Third-party tracker fires on page load

Trust & Security

AllScanTool operates under a strict No-Logs Policy. No code, metadata, or scan activity is ever stored, logged, or retained.

🔒

Zero Storage

No code is ever written to disk, database, or log. All scans run in volatile memory — cleared instantly after response.

📡

Encrypted Transit

All communication protected with modern TLS encryption. Nothing travels in plain text.

👁️

Private by Design

No tracking, no analytics, no cookies on code input. Our commitment is documented in full.

No-Logs Policy

What we never scan, never log, never keep, and never share — documented in our policies.

Built for Developers Where They Work

Find AllScanTool in the communities freelancers and developers already use every day.

Try Free for 15 Days

No credit card required during your trial. Billing starts January 1, 2027.