v2.1.0 · Free & open-source · Windows 10 / 11

The ephemeral browser with a
built-in dev & security workbench

Phoenix stores zero cookies to disk and loads every page live — then arms you with a 20-section workbench and a 35-tool recon lab to inspect, audit and test any website. Built for developers, QA, SEO and authorized pentesters.

Free foreverMIT open-source~79 MBWindows 10 / 11 x64No account · No telemetry
phoenix://security-audit — example.com
Phoenix Browser running a live security audit of a website

One window · twenty tools

Everything you need to inspect a website

Pick a section from the sidebar and it audits the page you're on — automatically. Results roll up into a single report you can export.

🛡️

Security Audit

Headers, TLS, cookies, CORS, exposed .git/.env, JS secret leaks — with a posture score.

📈

SEO Audit

On-page score, Google SERP + mobile preview, keywords, robots & sitemap checks.

Performance

Web Vitals — LCP, CLS, TTFB, FCP — plus render-blocking & optimization tips.

Accessibility

WCAG checks: contrast, alt text, labels, ARIA, heading order — a11y score.

🕸️

Network Monitor

Resource-timing waterfall, weight breakdown, slow / large / third-party detection.

🕵️

Privacy

Trackers, third-party requests, consent banners & fingerprinting detection.

🗄️

Storage Inspector

Cookies, localStorage, sessionStorage & IndexedDB with token & secret detection.

📦

PWA Analyzer

Manifest, service workers, installability score & framework detection.

🔑

Passwords & Auth

Login/CSRF analysis, password strength + entropy, breach check, SPF/DMARC.

⏺️

Automation Recorder

Record clicks & typing → export Playwright, Puppeteer or Selenium tests.

🤖

AI Analyst

Explain findings, summarise pages, generate fixes — pluggable AI, offline mode.

📊

Reports

Aggregate score dashboard, export HTML / JSON / Markdown for clients.

Hacking Lab · 35 keyless tools

A full recon & OSINT lab in the sidebar

Everything runs in the app's own engine — no CORS limits, no API keys, no accounts. For assets you own or are authorized to test.

DNSWHOISIP / ASNSubdomainsSSL / TLSTech StackWordPressWP PluginsAPI DiscoveryGraphQLJS Secret ScanCORSCVE LookupPort ScanContent DiscoveryWAF / CDNWaybackHeadersHTTP MethodsRobots / SitemapBroken LinksMixed ContentJWT DecodeRaw RequestKeywordsScrapers

See it in action

Screenshots

Phoenix analysing the demo domain example.com — every panel runs automatically.

Up and running in a minute

Install on Windows

Download

Grab the Setup .exe — or the portable build, which needs no install.

Run it

The build is unsigned, so SmartScreen may appear — click More info → Run anyway.

Start auditing

Open any site, pick a sidebar section, and Phoenix audits it automatically. Press F2 for the recon lab.

Ephemeral by design

Nothing you browse touches the disk

Phoenix runs a RAM-only Chromium session with the HTTP cache disabled. Perfect for testing sites you're building — every reload is the real, live server.

🚫

Zero cookies stored

Nothing is written to disk; the session is wiped on close and on launch.

🔄

Real-time loads

no-cache, no-store on every request — you always see the current server response.

🧹

One-tap wipe

Ctrl+Shift+Del clears cookies, cache, storage & service workers instantly.

🔒

No telemetry

Free, open-source, keyless. All analysis uses public endpoints. No accounts, no tracking.

Answers

Frequently asked questions

What is Phoenix Browser?

A free Chromium-based browser for Windows for developers, QA engineers, SEO specialists and authorized penetration testers. It pairs an ephemeral browser (no cookies stored, real-time loads) with a 20-section developer & security workbench and a 35-tool recon lab.

Is it free?

Yes — free and open-source under the MIT license. Download the Windows installer or portable build at no cost.

How do I install it on Windows?

Download the Setup .exe, run it, and if SmartScreen appears click More info → Run anyway (the build is unsigned). A portable version that needs no installation is also available.

Does it store cookies or history?

No. Phoenix uses a RAM-only session — nothing is written to disk and everything is wiped when you close the window. The HTTP cache is disabled so every page loads live.

What tools are included?

Inspect, Console, Network, Security, Passwords/Auth, SEO, Performance, Responsive, Accessibility, PWA, Storage, Privacy, Forms, Visual, Automation, Reports and an AI Analyst — plus a 35-tool recon lab (DNS, WHOIS, SSL, subdomains, tech-stack, WordPress, API discovery, secret scanning, CVE lookup, port scan and more).

Is it legal to use?

Yes, for websites you own or are authorized to test. The offensive modules are for assets you own or have written permission to test. You are responsible for lawful use.

Download Phoenix Browser

Free · ~79 MB · Windows 10 / 11 (x64).

⚠️ Authorized use only. The recon & security tools are intended solely for assets you own or have explicit written permission to test.