hsecscan – HTTP Headers Scan
hsecscan is a security scanner for HTTP response headers. It requires Python 2.x.
Python Modules
- os.path
- argparse
- sqlite3
- urlparse
- urllib2
- urllib
- json
- ssl
Usage
$ ./hsecscan.py
usage: hsecscan.py [-h] [-P] [-p] [-u URL] [-R] [-i] [-U User-Agent]
[-D DBFILE] [-d 'POST data'] [-x PROXY] [-a]
A security scanner for HTTP response headers.
optional arguments:
-h, --help show this help message and exit
-P, --database Print the entire response headers database.
-p, --headers Print only the enabled response headers from database.
-u URL, --URL URL The URL to be scanned.
-R, --redirect Print redirect headers.
-i, --insecure Disable certificate verification.
-U User-Agent, --useragent User-Agent
Set the User-Agent request header (default: hsecscan).
-D DBFILE, --dbfile DBFILE
Set the database file (default: hsecscan.db).
-d 'POST data', --postdata 'POST data'
Set the POST data (between single quotes) otherwise
will be a GET (example: '{ "q":"query string",
"foo":"bar" }').
-x PROXY, --proxy PROXY
Set the proxy server (example: 192.168.1.1:8080).
-a, --all Print details for all response headers. Good for check
the related RFC.
More Info: here
[button size=large style=round color=red align=none url=https://github.com/riramar/hsecscan]Download hsecscan[/button]