Hsecscan - A Security Scanner for HTTP Response Headers

Date: 2015-04-01

Hsecscan is a Python-based security scanner for HTTP response headers.

Install

You can download the latest version from the GitHub repository or clone it with the command below.
$ git clone https://github.com/riramar/hsecscan.git master

Usage

$ ./hsecscan.py 
usage: hsecscan.py [-h] [-P] [-p] [-H Header] [-u URL] [-R] [-i]
                   [-U User-Agent] [-D DBFILE] [-d 'POST data'] [-x PROXY]
                   [-a]

A security scanner for HTTP response headers.

optional arguments:
  -h, --help            show this help message and exit
  -P, --database        Print the entire response headers database.
  -p, --headers         Print only the enabled response headers from database.
  -H Header, --header Header
                        Print details for a specific Header (example: Strict-
                        Transport-Security).
  -u URL, --URL URL     The URL to be scanned.
  -R, --redirect        Print redirect headers.
  -i, --insecure        Disable certificate verification.
  -U User-Agent, --useragent User-Agent
                        Set the User-Agent request header (default: hsecscan).
  -D DBFILE, --dbfile DBFILE
                        Set the database file (default: hsecscan.db).
  -d 'POST data', --postdata 'POST data'
                        Set the POST data (between single quotes) otherwise
                        will be a GET (example: '{ "q":"query string",
                        "foo":"bar" }').
  -x PROXY, --proxy PROXY
                        Set the proxy server (example: 192.168.1.1:8080).
  -a, --all             Print details for all response headers. Good for check
                        the related RFC.



