HTTP Security Header Checker
Project description
SéCh3r v4.9
A Security HTTP-Header Checker. # Demoisturize it!
What's this?
This is a tool, used in order to determine the presence of Security HTTP-Headers along with version disclosure checks.
Features
- Checks if security headers are present
- Checks if Version Disclosure headers are present
- Have got a fancy output
- Will Google you for CVEs (from the disclosed version number via HTTP Headers)
- Have got silent mode, in case you wanna see only URL and headers
- Verbose mode, if you want to inspect whole HTTP Header response
- No redirect mode, in case don't wanna redirect
- Insecure mode, if you wanna ignore TLS/SSL warnings
- No color mode, in case escapes sequences are creating issues
- Can also take file input, for several URLs to be tested for HTTP Headers
- Can also save the output, in the form of JSON File
Install
In order to get this tool running, follow the instruction below:
Installation via pip
$ python3 -m pip install sech3r # Super User permission, accordingly.
Installation via GitHub
$ git clone https://github.com/naryal2580/sech3r.git
$ cd sech3r
$ python3 setup.py install # Super User permission, accordingly.
Use without installation
$ git clone https://github.com/naryal2580/sech3r.git
$ cd sech3r
$ python3 -m pip install -U -r requirements.txt # Super User permission, accordingly.
$ python3 ./sech3r.py
Usage
Just provide the command line arguments accordingly, and Demoisturize it! :p
$ sech3r -h
/ __ ____
() _ / () |) __/ ,_
/\ |/| |/\ \/ |
/(_)|_/\___/| |/\__/ |/
Usage:
sech3r [--verbose] [--searchForVuln] [--noRedirects] [--insecure] [--noColor] [--quiet] [--output <filename>]
sech3r <urls>... [--verbose] [--searchForVuln] [--noRedirects] [--insecure] [--noColor] [--quiet] [--output <filename>]
sech3r [--verbose] [--searchForVuln] [--noRedirects] [--insecure] [--noColor] [--quiet] [--input <filename>] [--output <filename>]
sech3r -h | --help
sech3r -V | --version
Options:
-h --help Display help, basically this screen.
-V --version Display version number.
<urls> Optional URL(s) input from the Command-Line.
-v --verbose Show verbose output.
-s --searchForVuln Open Default WebBrowser, Googling for Vulnerabilities.
-r --noRedirects Do not follow HTTP-redirects.
-k --insecure Bypass TLS/SSL verification.
-c --noColor No Colours to be used for the Output.
-q --quiet Silent Mode, nothing else not even colors.
-i --input <filename> Take URLs from a file, Single URL per line
-o --output <filename> Save output to a file, a JSON output of headers
Examples:
sech3r demo.testfire.net
sech3r demo.testfire.net -i in.json
sech3r demo.testfire.net -vs -o out.json
sech3r demo.testfire.net -vr
sech3r demo.testfire.net -c
sech3r demo.testfire.net -q
sech3r -vsirc
TODOs
- Additional Header Assesments for better output
</> with <3 --naryal2580
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
sech3r-4.9.tar.gz
(6.6 kB
view hashes)
Built Distribution
sech3r-4.9-py3-none-any.whl
(9.2 kB
view hashes)