HandyHeaderHacker: Examine HTTP response headers for common security issues
HandyHeaderHacker
HandyHeaderHacker is a script that examines HTTP responses from a server against security best practices. While HandyHeaderHacker is nowhere near completion, it is in a state where you can quickly analyze a web server with a single request.
Current headers inspected
- X-Frame-Options
- Content-Security-Policy (Including Report-Only)
- X-Webkit-CSP
- X-XSS-Protection
- X-Content-Type-Options
- Server
- Etag
- X-Powered-By
- Set-Cookie and associated cookie flags
- Strict-Transport-Security
- Public-Key-Pins
- Referrer-Policy
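The kind of single-response audit this list implies, as an added example; it is not HandyHeaderHacker's own code. The policy tuples, function names and sample response are assumptions made for illustration, and the response is treated as if it had been fetched over HTTPS.

```python
# Constructed response head for illustration (not captured from a real server).
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: ExampleHTTPd/1.0\r\n"
    "X-Powered-By: ExampleFramework\r\n"
    "X-Frame-Options: DENY\r\n"
    "Content-Security-Policy-Report-Only: default-src 'self'\r\n"
    "Set-Cookie: session=abc123; Path=/; HttpOnly\r\n"
    "Set-Cookie: theme=dark; Secure; HttpOnly; SameSite=Lax\r\n"
    "\r\n"
)
# Assumed policy: which headers must be present and which leak stack details.
REQUIRED = ("x-frame-options", "x-content-type-options",
            "strict-transport-security", "referrer-policy")
DISCLOSURE = ("server", "x-powered-by")
COOKIE_FLAGS = ("secure", "httponly", "samesite")

def parse_head(raw):
    """Return [(lowercased name, value)], keeping repeated headers such as Set-Cookie."""
    pairs = []
    for line in raw.split("\r\n\r\n", 1)[0].split("\r\n")[1:]:  # skip status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit(raw):
    """Return sorted finding strings for one response head."""
    pairs = parse_head(raw)
    names = {n for n, _ in pairs}
    findings = [f"missing: {h}" for h in REQUIRED if h not in names]
    if "content-security-policy" not in names:
        # A Report-Only policy logs violations but blocks nothing.
        report_only = "content-security-policy-report-only" in names
        findings.append("csp: report-only, not enforced" if report_only
                        else "missing: content-security-policy")
    for name, value in pairs:
        if name in DISCLOSURE:
            findings.append(f"disclosure: {name}={value}")
        elif name == "x-content-type-options" and value.lower() != "nosniff":
            findings.append(f"invalid: {name}={value}")
        elif name == "set-cookie":
            cookie, *attrs = [p.strip() for p in value.split(";")]
            present = {a.split("=", 1)[0].lower() for a in attrs}
            findings += [f"cookie {cookie.split('=', 1)[0]}: no {flag}"
                         for flag in COOKIE_FLAGS if flag not in present]
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Each Set-Cookie line is checked separately, so one hardened cookie does not mask a weak one on the same response.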
Download
git clone https://github.com/vpnguy/HandyHeaderHacker.git
Use
Copyright (C) 2016 vpnguy
Source: https://github.com/vpnguy/