Skip to main content

Command-line security checks: TLS, HTTP security headers, DNS/email posture and subdomain discovery — run locally, no account needed.

Project description

secably

Quick security checks from your terminal — TLS certificates, HTTP security headers, DNS/email posture, and subdomain discovery. The everyday checks run locally on your machine, with no account and no rate limit. Heavier scans (full website vulnerability scan, port scan) use the free Secably API.

pip install secably          # core checks (zero dependencies)
pip install "secably[dns]"   # adds MX/TXT/SPF/DMARC/DNSSEC via dnspython

Usage

# TLS certificate + negotiated protocol, with a CI-friendly expiry gate
secably ssl example.com
secably ssl example.com --fail-if-expires 14

# Grade the HTTP security headers A–F (fail a build below B)
secably headers https://example.com
secably headers example.com --fail-below B

# DNS records + email spoofing posture (SPF / DMARC / DNSSEC)
secably dns example.com

# Passive subdomain discovery via Certificate Transparency (crt.sh)
secably subdomains example.com --resolve

# Hosted port / website vulnerability scan (needs a free API key)
secably scan example.com --type website

Add --json to any command for machine-readable output — handy in pipelines.

Local vs. hosted

Command Where it runs Account needed
ssl, headers, dns, subdomains your machine no
scan (website / port) Secably API free API key

The local commands never touch Secably's servers, so there's no quota to hit. The scan command runs deeper, server-side checks; create a free key at https://secably.com/dashboard/api-keys/ and pass it via --api-key or the SECABLY_API_KEY environment variable. Free keys include a daily allowance; paid plans lift it.

Use in CI

Both ssl --fail-if-expires and headers --fail-below exit non-zero on failure, so they drop straight into a pipeline:

- run: pipx run secably ssl your-domain.com --fail-if-expires 21
- run: pipx run secably headers https://your-domain.com --fail-below B

For always-on monitoring of certificate expiry, new subdomains and open ports between deploys, Secably runs the same checks continuously and alerts you: https://secably.com/?utm_source=cli&utm_medium=github&utm_campaign=secably-cli

License

MIT — see LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

secably-0.1.0.tar.gz (14.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

secably-0.1.0-py3-none-any.whl (15.0 kB view details)

Uploaded Python 3

File details

Details for the file secably-0.1.0.tar.gz.

File metadata

  • Download URL: secably-0.1.0.tar.gz
  • Upload date:
  • Size: 14.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for secably-0.1.0.tar.gz
Algorithm Hash digest
SHA256 5cda3d4a73a9676397b00599830f01a7d24acd92929a795808509b2806b9531d
MD5 6d81f8e5b45154e19df44a6a8171b843
BLAKE2b-256 b9c28f0fac8361f45bd0a9166f38fc94f72b1142b0a20570968d9777fb91c74a

See more details on using hashes here.

File details

Details for the file secably-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: secably-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 15.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for secably-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 08e90332f927bffc75912d01ccbce75f05541a3b068b1819248cb9006033bb5e
MD5 cad18fedb3530dfeb295e80c18d921d1
BLAKE2b-256 fb4ba7beeac865323b9bb0349b4e6a8d31511e420982a40f2744b304e578c249

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page