Hsecscan - A Security Scanner for HTTP Response Headers
Hsecscan is a Python-based security scanner for HTTP response headers.
Install
You can download the latest version or clone the repository with the command below.

$ git clone https://github.com/riramar/hsecscan.git master
Usage
$ ./hsecscan.py
usage: hsecscan.py [-h] [-P] [-p] [-H Header] [-u URL] [-R] [-i]
                   [-U User-Agent] [-D DBFILE] [-d 'POST data'] [-x PROXY]
                   [-a]

A security scanner for HTTP response headers.

optional arguments:
  -h, --help            show this help message and exit
  -P, --database        Print the entire response headers database.
  -p, --headers         Print only the enabled response headers from database.
  -H Header, --header Header
                        Print details for a specific Header (example: Strict-
                        Transport-Security).
  -u URL, --URL URL     The URL to be scanned.
  -R, --redirect        Print redirect headers.
  -i, --insecure        Disable certificate verification.
  -U User-Agent, --useragent User-Agent
                        Set the User-Agent request header (default: hsecscan).
  -D DBFILE, --dbfile DBFILE
                        Set the database file (default: hsecscan.db).
  -d 'POST data', --postdata 'POST data'
                        Set the POST data (between single quotes) otherwise
                        will be a GET (example: '{ "q":"query string",
                        "foo":"bar" }').
  -x PROXY, --proxy PROXY
                        Set the proxy server (example: 192.168.1.1:8080).
  -a, --all             Print details for all response headers. Good for
                        check the related RFC.