{"id":18616038,"url":"https://github.com/bjoern-hempel/bash-securizer","last_synced_at":"2026-05-16T08:38:16.788Z","repository":{"id":110076315,"uuid":"203832283","full_name":"bjoern-hempel/bash-securizer","owner":"bjoern-hempel","description":"A tool to check the security of web applications.","archived":false,"fork":false,"pushed_at":"2019-09-20T12:04:12.000Z","size":77,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-05-17T02:06:12.510Z","etag":null,"topics":["bash","dns","email","header","security","security-tools","websecurity"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bjoern-hempel.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-22T16:23:27.000Z","updated_at":"2019-09-20T12:04:14.000Z","dependencies_parsed_at":"2023-04-05T19:17:25.900Z","dependency_job_id":null,"html_url":"https://github.com/bjoern-hempel/bash-securizer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/bjoern-hempel/bash-securizer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjoern-hempel%2Fbash-securizer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjoern-hempel%2Fbash-securizer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjoern-hempel%2Fbash-securizer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjoern-hempel%2Fbash-securizer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bjoern-hempel","download_url":"https://codeload.github.com/bjoern-hempel/bash-securizer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjoern-hempel%2Fbash-securizer/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265563009,"owners_count":23788629,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","dns","email","header","security","security-tools","websecurity"],"created_at":"2024-11-07T03:33:53.000Z","updated_at":"2026-05-16T08:38:11.757Z","avatar_url":"https://github.com/bjoern-hempel.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Bash Webapplication Securizer\n\nA tool to check the security of web applications.\n\n## Installation\n\n```bash\nuser$ sudo mkdir /opt/bash-securizer\nuser$ sudo chown $(id -un):$(id -gn) /opt/bash-securizer \u0026\u0026 chmod 775 /opt/bash-securizer\nuser$ git clone git@github.com:bjoern-hempel/bash-securizer.git /opt/bash-securizer/.\nuser$ sudo ln -s /opt/bash-securizer/bin/check /usr/local/bin/bash-securizer\nuser$ bash-securizer --help\n```\n\n## Update\n\n```bash\nuser$ cd /opt/bash-securizer \u0026\u0026 git pull\n```\n\n## Uninstalling\n\n```bash\nuser$ sudo rm /usr/local/bin/bash-securizer\nuser$ sudo rm -r /opt/bash-securizer\n```\n\n## Basics\n\n```bash\nuser$ bash-securizer --help\nUsage: bash-securizer [OPTIONS] url\n\n This script checks a given url for security.\n\nOptions\n --show-informations Show all informations next to the test.\n --show-dns Show the dns settings next to the test.\n --show-header Show all headers next to the test.\n --show-software Show the software installation next to the test.\n --show-all Show all informations.\n\n -b, --bash Returns the result in bash text format.\n -j, --json Returns the result in JSON format.\n -m, --markdown Returns the result in MARKDOWN format.\n\n --show-test-count Only shows the test count results\n --show-test-percent Only shows the percent value of test result\n --show-test-label Only shows the test label\n\n --verbose Switch this script into verbose mode.\n -h, --help Shows this help.\n -v, --version Shows the version number.\n\n```\n\n### Simply run the tool\n\n```bash\nuser$ bash-securizer ressourcenmangel.de\n\n[http status] HTTP status code 200: Test passed.\n[ssl] HTTPS check: Test passed.\n[ssl] SSL certificate check: Test passed.\n[header] X-Powered-By: Test passed.\n[header] X-Generator: Test passed.\n[header] Cookie Security: Test passed.\n[header] HTTP Strict Transport Security: Test passed.\n[header] Content-Security-Policy: Test passed.\n[header] X-XSS-Protection Header: Test passed.\n[header] X-Content-Type-Options: Test passed.\n[header] X-Frame-Options: Test passed.\n[header] Referrer-Policy: Test passed.\n[header] Feature-Policy: Test passed.\n[header] Server-Header: Test passed.\n[html] Secure-Links: Test passed.\n[html] Metadata: Test passed.\n---------------------------------------------------------------\n[summary] State: Test passed.\n```\n\n### Show some more informations and hints\n\n```bash\nuser$ bash-securizer ressourcenmangel.de --verbose\n\n[http status] HTTP status code 200: Test passed.\n[ssl] HTTPS check: Test passed.\n[ssl] SSL certificate check: Test passed.\n → 56 days left\n[header] X-Powered-By: Test passed.\n[header] X-Generator: Test passed.\n[header] Cookie Security: Test passed.\n[header] HTTP Strict Transport Security: Test passed.\n[header] Content-Security-Policy: Test passed. (But check the following warnings)\n → It is not recommend to use the setting \"unsafe-inline\".\n[header] X-XSS-Protection Header: Test passed.\n[header] X-Content-Type-Options: Test passed.\n[header] X-Frame-Options: Test passed.\n[header] Referrer-Policy: Test passed.\n[header] Feature-Policy: Test passed.\n[header] Server-Header: Test passed. (But check the following warnings)\n → If possible, disable the following content: \"Apache\"\n[html] Secure-Links: Test passed.\n[html] Metadata: Test passed.\n---------------------------------------------------------------\n[summary] State: Test passed.\n → 16/16 tests passed.\n```\n\n### Show all information collected next to the test\n\n```bash\nuser$ bash-securizer ressourcenmangel.de --show-all --verbose\n\n===============================================================\nINFORMATIONS:\n===============================================================\nCheck index: 93%\nCheck index degraded: 93%\nLabel: A-\nGiven address: ressourcenmangel.de\nUsed address: http://ressourcenmangel.de\nLast redirect: https://www.ressourcenmangel.de/startseite.html\nSecure connection: yes\nValid days ssl certificate: 56\nHeader size: 1041 Byte\nBody size: 80923 Byte\nFull domain: www.ressourcenmangel.de\nDomain: ressourcenmangel.de\nIP address: 87.230.85.104\nNameserver: ns1.hans.hosteurope.de\n ns2.hans.hosteurope.de\nProvider: Hosteurope GmbH\nSuccessful tests: 16\nFailed tests: 0\nTotal number of tests: 16\nExecuting operating system: mac\n===============================================================\n\n\n===============================================================\nINSTALLED SOFTWARE:\n===============================================================\nawk: [ installed ] → version: awk version 20070501\nbc: [ installed ] → version: bc 1.06\ncat: [ installed ]\ncurl: [ installed ] → version: curl 7.65.2 (x86_64-apple-darwin13.4.0) libcurl/7.65.2 OpenSSL/1.1.1c zlib/1.2.11 libssh2/1.8.2\ncut: [ installed ]\ngrep: [ installed ] → version: grep (BSD grep) 2.5.1-FreeBSD\nhead: [ installed ]\nhost: [ installed ]\nopenssl: [ installed ] → version: OpenSSL 1.1.1c 28 May 2019\nprintf: [ installed ]\nrev: [ installed ]\nsed: [ installed ]\nsort: [ installed ] → version: 2.3-Apple (99)\ntail: [ installed ]\ntr: [ installed ]\nwc: [ installed ]\nwhois: [ installed ]\nxargs: [ installed ]\nxmllint: [ installed ] → version: xmllint: using libxml version 20909\n===============================================================\n\n\n===============================================================\nDNS SETTINGS:\n===============================================================\nTrying \"ressourcenmangel.de\"\n;; -\u003e\u003eHEADER\u003c\u003c- opcode: QUERY, status: NOERROR, id: 60612\n;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 0\n\n;; QUESTION SECTION:\n;ressourcenmangel.de.\t\tIN\tANY\n\n;; ANSWER SECTION:\nressourcenmangel.de.\t19072\tIN\tNS\tns1.hans.hosteurope.de.\nressourcenmangel.de.\t19072\tIN\tNS\tns2.hans.hosteurope.de.\nressourcenmangel.de.\t19072\tIN\tMX\t1 ressourcenmangel-de.mail.protection.outlook.com.\nressourcenmangel.de.\t19072\tIN\tTXT\t\"v=spf1 a include:spf.protection.outlook.com a:mailrelay.netways.de ~all\"\nressourcenmangel.de.\t19072\tIN\tTXT\t\"google-site-verification=mLLc8XJ7vSatpZ1MsGp585mBiVQu9UKT9N5SWLAzkls\"\nressourcenmangel.de.\t32\tIN\tSOA\tns1.hans.hosteurope.de. hostmaster.ressourcenmangel.de. 2019050217 16384 2048 1048576 2560\nressourcenmangel.de.\t19072\tIN\tA\t87.230.85.104\nressourcenmangel.de.\t19072\tIN\tAAAA\t2a01:488:66:1000:57e6:5568::1\n\nReceived 408 bytes from 8.8.8.8#53 in 35 ms\n===============================================================\n\n\n===============================================================\nHEADER:\n===============================================================\n01 HTTP/1.1 200 Ok\n02 Date: Thu, 12 Sep 2019 21:27:13 GMT\n03 Server: Apache\n04 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload\n05 Feature-Policy: geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'\n06 Expires: Fri, 06 Jun 1975 15:10:00 GMT\n07 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\n08 Pragma: no-cache\n09 Vary: User-Agent,Accept-Encoding\n10 Last-Modified: Thu, 12 Sep 2019 21:27:13 GMT\n11 Set-Cookie: __HOST-PHPSESSID=vpgk5veesi2ubtrd11p7jehgm6; path=/; secure; HttpOnly; SameSite=Lax\n12 Content-Security-Policy: script-src-elem 'self' https://code.jquery.com https://ajax.googleapis.com https://fonts.googleapis.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline';\n13 X-XSS-Protection: 1; mode=block\n14 X-Content-Type-Options: nosniff\n15 X-Frame-Options: SAMEORIGIN\n16 Referrer-Policy: no-referrer-when-downgrade\n17 Content-Type: text/html; charset=utf-8\n===============================================================\n\n\n===============================================================\nTESTS:\n===============================================================\n[http status] HTTP status code 200: Test passed.\n[ssl] HTTPS check: Test passed.\n[ssl] SSL certificate check: Test passed.\n → 56 days left\n[header] X-Powered-By: Test passed.\n[header] X-Generator: Test passed.\n[header] Cookie Security: Test passed.\n[header] HTTP Strict Transport Security: Test passed.\n[header] Content-Security-Policy: Test passed. (But check the following warnings)\n → It is not recommend to use the setting \"unsafe-inline\".\n[header] X-XSS-Protection Header: Test passed.\n[header] X-Content-Type-Options: Test passed.\n[header] X-Frame-Options: Test passed.\n[header] Referrer-Policy: Test passed.\n[header] Feature-Policy: Test passed.\n[header] Server-Header: Test passed. (But check the following warnings)\n → If possible, disable the following content: \"Apache\"\n[html] Secure-Links: Test passed.\n[html] Metadata: Test passed.\n---------------------------------------------------------------\n[summary] State: Test passed.\n → 16/16 tests passed.\n===============================================================\n\n```\n\n## Some integration modes\n\nThe integration modes are intended to integrate this script into other test scripts. This allows tests to be carried out automatically and the test results to be read in easily. Successful tests show the exit code 0. Executions with at least one failed test return the exit code 1.\n\n### Show the number of passed tests\n\n```bash\nuser$ bash-securizer ressourcenmangel.de --show-test-count\n16/16\n```\n\n### Show the percentage of passed tests\n\n```bash\nuser$ bash-securizer ressourcenmangel.de --show-test-percent\n93%\n```\n\n### Show the test label\n\n```bash\nuser$ bash-securizer ressourcenmangel.de --show-test-label\nA-\n```\n\n### Combine the outputs\n\n```bash\nuser$ bash-securizer ressourcenmangel.de --show-test-count --show-test-percent --show-test-label\n16/16 93% A-\n```\n\n## A. Authors\n\n* **Björn Hempel** - *Initial work* - [Björn Hempel](https://github.com/bjoern-hempel)\n\n## B. License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details\n\n## C. Closing words\n\nHave fun! :)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbjoern-hempel%2Fbash-securizer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbjoern-hempel%2Fbash-securizer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbjoern-hempel%2Fbash-securizer/lists"}