https://github.com/jpiechowka/burp-security-headers-checker

Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses
https://github.com/jpiechowka/burp-security-headers-checker

burp burp-extensions burp-plugin burpsuite burpsuite-extender extension http-headers pentesting pentesting-tools plugin security-audit security-headers security-scanner security-tools

Last synced: 21 days ago
JSON representation

Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses

• Host: GitHub
• URL: https://github.com/jpiechowka/burp-security-headers-checker
• Owner: jpiechowka
• License: apache-2.0
• Created: 2019-10-01T14:11:07.000Z (about 5 years ago)
• Default Branch: master
• Last Pushed: 2020-02-03T10:52:24.000Z (almost 5 years ago)
• Last Synced: 2024-08-05T17:27:01.350Z (4 months ago)
• Topics: burp, burp-extensions, burp-plugin, burpsuite, burpsuite-extender, extension, http-headers, pentesting, pentesting-tools, plugin, security-audit, security-headers, security-scanner, security-tools
• Language: Java
• Size: 63.5 KB
• Stars: 6
• Watchers: 1
• Forks: 3
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - jpiechowka/burp-security-headers-checker - Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses (Java)

README

        
# Burp Security Headers Checker

Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses

Headers checked:

* Content-Security-Policy (CSP)

* Feature-Policy

* Strict-Transport-Security (HSTS)

* X-Frame-Options

* X-Content-Type-Options

* X-XSS-Protection

* Referrer-Policy

### Building

To build release JAR with all dependencies (by using com.github.johnrengelman.shadow Gradle plugin) execute the command below from project root directory:

```./gradlew clean shadowJar```