Hsecscan - A Security Scanner for HTTP Response Headers
Hsecscan is a Python-based security scanner for HTTP response headers.
Install
You can download the latest version clicking here or clone the repository with the command below.$ git clone https://github.com/riramar/hsecscan.git master
Usage
$ ./hsecscan.py
usage: hsecscan.py [-h] [-P] [-p] [-H Header] [-u URL] [-R] [-i]
[-U User-Agent] [-D DBFILE] [-d 'POST data'] [-x PROXY]
[-a]
A security scanner for HTTP response headers.
optional arguments:
-h, --help show this help message and exit
-P, --database Print the entire response headers database.
-p, --headers Print only the enabled response headers from database.
-H Header, --header Header
Print details for a specific Header (example: Strict-
Transport-Security).
-u URL, --URL URL The URL to be scanned.
-R, --redirect Print redirect headers.
-i, --insecure Disable certificate verification.
-U User-Agent, --useragent User-Agent
Set the User-Agent request header (default: hsecscan).
-D DBFILE, --dbfile DBFILE
Set the database file (default: hsecscan.db).
-d 'POST data', --postdata 'POST data'
Set the POST data (between single quotes) otherwise
will be a GET (example: '{ "q":"query string",
"foo":"bar" }').
-x PROXY, --proxy PROXY
Set the proxy server (example: 192.168.1.1:8080).
-a, --all Print details for all response headers. Good for check
the related RFC.
Source: www.effecthacking.com
Hsecscan - A Security Scanner for HTTP Response Headers
Reviewed by Anonymous
on
3:01 AM
Rating: