HttpSecurityHeadersChecker: Http Security Headers Checker Tool

HttpSecurityHeadersChecker

An HTTP security headers checker tool written for PHP CLI, plus useful tips for setting HTTP security headers on most web servers (Apache, nginx, IIS, …)

Response Headers

The following is a list of security-related HTTP response headers, as declared by OWASP.

  • HTTP Strict Transport Security (HSTS)
  • Public Key Pinning Extension for HTTP (HPKP)
  • X-Frame-Options
  • X-XSS-Protection
  • X-Content-Type-Options
  • Content-Security-Policy
  • X-Permitted-Cross-Domain-Policies
  • Referrer-Policy
  • Expect-CT

Prerequisites :

To use this tool you need to have PHP CLI installed (PHP >= 5 is OK).

Installing PHP CLI :

git clone https://github.com/Snbig/HttpSecurityHeadersChecker.git

How to use :

  • Linux: Open a terminal and enter the command below:
php HttpSecurityHeadersChecker.php
  • Windows: Open CMD (press Win + R on your keyboard, type cmd or cmd.exe, then press Enter).
  • Enter the command below:
php.exe HttpSecurityHeadersChecker.php
  • Enter the exact URL of the website:
[*] Enter URL (http/https)://[www.]google.com : https://github.com
  • Enter “Y” to follow website redirection or “N” to disable it.
[*] Do you want to follow redirection ? (Y/N) : Y
  • If you want to keep your anonymity, use a proxy. To set a Socks5, Tor or HTTP proxy, enter 1, 2 or 3.
[*] Do you want to use proxy ? ([0] => No proxy , [1] => Socks5 , [2] => Tor , [3] =>Http) : 2
  • Enable Tor on your PC before using Tor as a Socks5 proxy.
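
A presence check of the kind described above, as an added example that is not the tool's own code: it parses a raw header dump containing a redirect chain and reports, per hop, which of the listed headers are absent, which shows why the follow-redirection answer changes the result. The function names, the host example.test and the sample response are constructed for illustration; the array holds the wire names of the headers in the list.

```php
<?php
// Added example (not the tool's own code); names and sample data are constructed.
// Wire names of the response headers in the list above.
$SECURITY_HEADERS = array(
    'Strict-Transport-Security', 'Public-Key-Pins', 'X-Frame-Options',
    'X-XSS-Protection', 'X-Content-Type-Options', 'Content-Security-Policy',
    'X-Permitted-Cross-Domain-Policies', 'Referrer-Policy', 'Expect-CT',
);

// Split a raw dump (one header block per hop) into status line + headers.
function parse_hops($raw) {
    $hops = array();
    foreach (preg_split('/\r?\n\r?\n/', trim($raw)) as $block) {
        $lines = preg_split('/\r?\n/', trim($block));
        $status = array_shift($lines);
        if (strpos($status, 'HTTP/') !== 0) {
            continue; // body or debris, not a response header block
        }
        $headers = array();
        foreach ($lines as $line) {
            $parts = explode(':', $line, 2);
            if (count($parts) !== 2) {
                continue;
            }
            // Header names are case-insensitive, so normalise before lookup.
            $headers[strtolower(trim($parts[0]))] = trim($parts[1]);
        }
        $hops[] = array('status' => $status, 'headers' => $headers);
    }
    return $hops;
}

// Return the wanted header names that this hop's response did not send.
function missing_headers($hop, $wanted) {
    $missing = array();
    foreach ($wanted as $name) {
        if (!isset($hop['headers'][strtolower($name)])) {
            $missing[] = $name;
        }
    }
    return $missing;
}

// Constructed sample: plain-HTTP redirect followed by the final HTTPS response.
$raw = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://example.test/\r\n\r\n"
     . "HTTP/1.1 200 OK\r\nstrict-transport-security: max-age=31536000\r\n"
     . "X-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\n\r\n";
foreach (parse_hops($raw) as $i => $hop) {
    echo "Hop $i ({$hop['status']}) missing: "
        . implode(', ', missing_headers($hop, $SECURITY_HEADERS)) . "\n";
}
```

With redirection not followed, only hop 0 would be seen and every header would be reported missing, even though the final response sets three of them.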

Copyright 2019 Snbig(Hamed)

Source: https://github.com/Snbig/