Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/gaurabb/secureheaderscanner

Simple Python module to scan a list of web urls and provide a summary of security focussed HTTP response headers used.
https://github.com/gaurabb/secureheaderscanner

headers http security

Last synced: 3 months ago
JSON representation

Simple Python module to scan a list of web urls and provide a summary of security focussed HTTP response headers used.

Awesome Lists containing this project

README 

          
# HTTP Secure Header Scanner

Simple Python module that provides methods that accept url(s) and return a summary of security centric HTTP response headers that the server sets.



## Installation

Install the extension with using pip. [Pypi Link](https://pypi.python.org/pypi/secureheaderscanner)



```bash

$ pip install secureheaderscanner

```



## Usage instructions



### Importing as a module

```

from scan import *

::::

objScanUrl = scan()

:::::

objScanUrl.scanUrl()

:::::

objScanUrlsInFile = scan("url_list.txt")

result = objScanUrlsInFile.scanUrlsInFile()

```



## Headers scanned

- [Content-Security-Policy (CSP)](http://www.w3.org/TR/CSP2/) | 

- [X-Frame-Options](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options-02)  |

- [X-XSS-Protection](http://msdn.microsoft.com/en-us/library/dd565647(v=vs.85).aspx) 

- [X-Content-Type-Options](http://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx) |

- [Strict-Transport-Security (HSTS)](https://tools.ietf.org/html/rfc6797) |

- [X-Download-Options](http://msdn.microsoft.com/en-us/library/ie/jj542450(v=vs.85).aspx) |

- [X-Permitted-Cross-Domain-Policies](https://www.adobe.com/devnet/adobe-media-server/articles/cross-domain-xml-for-streaming.html) |