Disclaimer
What these tools are — and what they are not.
BlueTeamKit tools are lightweight, single-purpose utilities. They are not a security audit, a penetration test, a compliance assessment, or professional advice, and their output should never be represented as such.
- A high header grade does not mean a site is secure; a low one does not mean it is compromised.
- Email header analysis is triage input — headers can be forged below the first trusted hop.
- CVE data reflects NVD at query time; scores and KEV status change as analysis matures.
- A decoded JWT is not a verified JWT — signature validation requires the signing key.
Use the output as a starting point, verify independently, and engage qualified professionals for decisions that matter. For educational and defensive use.
Affiliate disclosure
Some outbound links are affiliate links, marked near where they appear. We may earn a commission at no extra cost to you. We only link products we consider genuinely useful to this audience; no vendor influences tool output.