EasyScan: Light-weight web security scanner

HTTP headers security

EasyScan

EasyScan is a Python script that analyzes the security of a given website by inspecting its HTTP headers and DNS records. The script generates a security report with recommendations for addressing potential vulnerabilities.

Test Cases

The script covers the following test cases:

  1. Same Site Scripting
  2. SPF records
  3. DMARC records
  4. Public Admin Page
  5. Directory Listing
  6. Missing security headers
  7. Insecure cookie settings
  8. Information disclosure
  9. Cross-Origin Resource Sharing (CORS) misconfigurations
  10. Content-Type sniffing
  11. Cache-control

Download

pip install requests beautifulsoup4 dnspython
git clone https://github.com/introvertmac/EasyScan.git

Use

To use the EasyScan script, follow these steps:

  1. Save the code to a file named easyscan.py.
  2. Open a terminal or command prompt and navigate to the directory containing the script.
  3. Run the script using Python: python3 easyscan.py
  4. Enter the URL of the website you want to analyze when prompted.
  5. Review the generated security report for any potential vulnerabilities and recommendations.

The security report will display the header or test case, the status (Missing, Accessible, Enabled, etc.), the severity (Low, Medium, or High), and the recommendation for addressing the issue.
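
To show the kind of row such a report contains, here is an added sketch (not EasyScan's own code) that audits a constructed set of response headers and cookies and emits (test case, status, severity, recommendation) tuples. The function name, severity levels and recommendation wording are assumptions made for this illustration.

```python
# Added illustration, not EasyScan's own code. Severity levels and
# recommendation wording below are assumptions made for this example.
from http.cookies import SimpleCookie

REQUIRED = {  # header -> (assumed severity, recommendation)
    "Strict-Transport-Security": ("High", "Enable HSTS so browsers always use HTTPS"),
    "Content-Security-Policy": ("High", "Define a policy restricting script sources"),
    "X-Frame-Options": ("Medium", "Set DENY or SAMEORIGIN to block framing"),
    "X-Content-Type-Options": ("Medium", "Set 'nosniff' to stop Content-Type sniffing"),
}
DISCLOSING = ("Server", "X-Powered-By")  # headers that can reveal software versions

def audit(headers, set_cookies=()):
    """Return report rows of (test case, status, severity, recommendation)."""
    seen = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    rows = []
    for name, (severity, advice) in REQUIRED.items():
        if name.lower() not in seen:
            rows.append((name, "Missing", severity, advice))
    for name in DISCLOSING:
        if name.lower() in seen:
            rows.append((name, "Present", "Low", "Remove or genericize this header"))
    if seen.get("access-control-allow-origin", "").strip() == "*":
        rows.append(("CORS", "Wildcard origin", "Medium", "Allow only trusted origins"))
    for raw in set_cookies:  # one Set-Cookie header value per entry
        jar = SimpleCookie()
        jar.load(raw)
        for cookie, morsel in jar.items():
            for flag, label in (("secure", "Secure"), ("httponly", "HttpOnly")):
                if not morsel[flag]:  # empty string when the attribute is absent
                    rows.append((f"Cookie {cookie}", f"{label} flag missing", "Medium",
                                 f"Add the {label} attribute"))
    return rows

# Constructed sample response, embedded so the example runs offline.
SAMPLE_HEADERS = {
    "Content-Type": "text/html",
    "Server": "nginx/1.18.0",
    "X-Frame-Options": "SAMEORIGIN",
    "Access-Control-Allow-Origin": "*",
}
SAMPLE_COOKIES = ["sessionid=abc123; Path=/; HttpOnly"]

if __name__ == "__main__":
    for row in audit(SAMPLE_HEADERS, SAMPLE_COOKIES):
        print("{:<28}{:<24}{:<8}{}".format(*row))
```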

Source: https://github.com/introvertmac/