What You Can Find From the Outside Without Server Access 1. What Is a Configuration Audit Analysis of publicly available HTTP responses and DNS records — no authentication, no active interference. Only external configuration is assessed: HTTP headers, TLS/SSL, DNS, open ports. No vulnerabilities are exploited. No load on the server. 2. Tools curl — HTTP server response openssl s_client — TLS connection check dig — DNS record lookup /dev/tcp — open port detection without nmap All of this runs on Android via Termux, without root. 3. Target and Method Domain: any — with the owner's permission. For this audit: an AI-generated product on a Netlify subdomain — adorable-dodol-5ab32d.netlify.app Time: ~15 minutes. With the automation script — 2–3 minutes from check to PDF report. Method: publicly available data only, no authentication, no server load. 4.…