HTTP Security Headers Analyzer
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
analyze-secheaders.py
br.txt
ee.txt
top-1m.csv

README.md

HTTP Security Headers Analyzer

This script can be used to verify the presence of HTTP security headers.

Note that it merely checks the presence of these headers but does not make any judgement on the effectiveness or correctness of the configurations or rules (e.g., CSP rules, pins of HSTS or X-XSS-Protection set to 0).

This code was used to perform the survey published on Wildfire Labs blog.

Resources

Author

  • Julio Cesar Fort - julio at blazeinfosec dot com

License

This project is licensed under the Apache License - see the LICENSE file for details