WebTrustEngine R50
ENTR
TOOL ECOSYSTEM

Independent tools are the verification layer of the evidence flow

The engine produces readiness; the grade always comes from the tool itself. This directory reaches the official addresses of 39 tools in one click.

INDEPENDENT MEASUREMENT TOOLS

Independent measurement tools

WebTrustEngine does not issue self-declared live scores. For security headers, TLS, performance, accessibility, structured data, search visibility and social previews, it connects findings and verification steps to results produced by independent tools.

The links below point to the official websites of the respective tools. Listing a tool does not imply affiliation, partnership or endorsement.

Limit

These are independent third-party tools. WebTrustEngine does not claim ownership of their results; it positions them within the verification and evidence workflow.

Security headers

SecurityHeaders.com

Deploy-Verify

Grades HTTP security headers.

Header findings verify against this grade.

Open official site ↗External site

MDN HTTP Observatory

Deploy-Verify

Scores header and security configuration.

A second independent header opinion.

Open official site ↗External site

Google CSP Evaluator

Deploy-Verify

Evaluates CSP policy strength.

Final check of the CSP recipe.

Open official site ↗External site

OWASP Secure Headers Project

Reference

Reference source for header standards.

The standard the recipes rest on.

Open official site ↗External site

TLS / HTTPS

Qualys SSL Labs

Deploy-Verify

Issues the certificate and protocol grade.

TLS readiness pairs with this grade.

Open official site ↗External site

Hardenize

Deploy-Verify

Summarises a domain's network/TLS posture.

A wide-angle second view.

Open official site ↗External site

internet.nl

Deploy-Verify

Tests compliance with modern internet standards.

Extra verification incl. IPv6/DNSSEC.

Open official site ↗External site

Mozilla SSL Configuration Generator

Action recipe

Generates server TLS configuration templates.

Source for external action recipes.

Open official site ↗External site

Performance and page experience

Google PageSpeed Insights

Deploy-Verify

Field and lab performance grade.

Performance readiness verifies here.

Open official site ↗External site

Lighthouse

Deploy-Verify

Measures page quality in the lab.

Repeatable local measurement.

Open official site ↗External site

WebPageTest

Deploy-Verify

Filmstrip and metrics in real browsers.

Deep performance diagnosis.

Open official site ↗External site

GTmetrix

Deploy-Verify

Provides performance reports and monitoring.

An alternative measurement view.

Open official site ↗External site

Search Console Core Web Vitals

Deploy-Verify

Real-user experience report.

Long-term field-data tracking.

Open official site ↗External site

Technical SEO and crawling

Google Search Console

Deploy-Verify

Indexing and URL inspection.

Live index state reads here.

Open official site ↗External site

Bing Webmaster Tools

Deploy-Verify

Crawl and index on the Bing side.

The second search-engine view.

Open official site ↗External site

Screaming Frog SEO Spider

Review

Site crawler; builds the technical inventory.

Independent crawl comparison.

Open official site ↗External site

Sitebulb

Review

Crawler with visual audit reports.

An alternative technical audit.

Open official site ↗External site

Ahrefs Webmaster Tools

Review

Site health and link profile.

External link context.

Open official site ↗External site

Semrush Site Audit

Review

Technical issue scanning.

A third-party health view.

Open official site ↗External site

W3C Markup Validator

Deploy-Verify

Tests HTML validity.

Markup cleanliness verification.

Open official site ↗External site

W3C Link Checker

Deploy-Verify

Scans for broken links.

Live link verification.

Open official site ↗External site

Structured data

Google Rich Results Test

Deploy-Verify

Tests rich-result eligibility.

Google's view of the schema layer.

Open official site ↗External site

Schema.org Validator

Deploy-Verify

Validates schema syntax.

Syntax-level validation.

Open official site ↗External site

Social preview

Open Graph Protocol

Reference

The source of the OG tag standard.

Reference for the preview layer.

Open official site ↗External site

LinkedIn Post Inspector

Deploy-Verify

Refreshes and shows the LinkedIn preview.

Corporate share verification.

Open official site ↗External site

Facebook Sharing Debugger

Deploy-Verify

Tests the Facebook preview cache.

Surfaces OG errors.

Open official site ↗External site

X (Twitter) Cards

Reference

Card markup docs; the validator is now limited.

Reference for card tags.

Open official site ↗External site

Accessibility

axe DevTools

Deploy-Verify

Automated a11y testing in the browser.

Cross-test of engine findings.

Open official site ↗External site

WebAIM Contrast Checker

Deploy-Verify

Computes colour contrast ratios.

Verification of contrast findings.

Open official site ↗External site

WCAG 2.2 Quick Reference

Reference

The official list of accessibility criteria.

The standard behind the findings.

Open official site ↗External site

AI / GEO / AEO

llms.txt

Reference

The AI-readable site summary proposal.

The generated llms.txt follows this standard.

Open official site ↗External site

IndexNow

Action recipe

Instantly notifies search engines of new URLs.

The post-deploy notification step.

Open official site ↗External site

Peec AI

Review

Tracks brand visibility in AI answers.

An AI-visibility measurement example.

Open official site ↗External site

Otterly.AI

Review

AI search visibility and citation tracking.

An alternative AI monitoring tool.

Open official site ↗External site

Analytics and user experience

Microsoft Clarity

Review

Provides heatmaps and session recordings.

Post-launch behaviour view.

Open official site ↗External site

Specialist security tools

Sucuri SiteCheck

Deploy-Verify

Scans for known malware signals.

External reputation/blocklist view.

Open official site ↗External site

OWASP ZAP Baseline Scan

Authorised test

Passive baseline security scan.

Extra depth in an authorised environment.

Open official site ↗External site

Quick answers

Why does it exist?

An honesty layer; not everything is automated.

Full answer in the FAQ

Which items?

A11y/legal/brand/content accuracy.

Full answer in the FAQ

Are they excluded?

No; routed to a reviewer.

Full answer in the FAQ

How is rollback tested?

Copy one file back from the backup dir and open the site; a five-minute drill insures the real moment of need.

Full answer in the FAQ

Why is a double CSP risky?

Server + file policies intersect and permissions narrow; pages break unexpectedly. The single-source rule exists for this.

Full answer in the FAQ

The most frequent hreflang error?

One-way mapping: TR points to EN but EN never answers back. The reciprocity audit catches it at file level.

Full answer in the FAQ