Scan HTTP security headers
Project description
secheaders
Python script to check HTTP security headers
Same functionality as securityheaders.io but as Python script. Also checks some server/version headers. Written and tested using Python 3.8.
With minor modifications could be used as a library for other projects.
NOTE: The project renamed (2024-10-19) from securityheaders to secheaders to avoid confusion with PyPI package with similar name.
Installation
The following assumes you have Python installed and command python
refers to python version >= 3.8.
Run without installation
- Clone into repository
- Run
python -m secheaders
Installation
- Clone into repository
python -m build
pip install dist/secheaders-0.1.0-py3-none-any.whl
- Run
secheaders --help
Usage
$ secheaders --help
usage: secheaders [-h] [--max-redirects N] [--insecure] [--verbose] URL
Check HTTP security headers
positional arguments:
URL Target URL
options:
-h, --help show this help message and exit
--max-redirects N Max redirects, set 0 to disable (default: 2)
--insecure Do not verify TLS certificate chain (default: False)
--verbose, -v Verbose output (default: False)
Example output
$ secheaders example.com
Header 'x-frame-options' is missing [ WARN ]
Header 'strict-transport-security' is missing [ WARN ]
Header 'content-security-policy' is missing [ WARN ]
Header 'x-content-type-options' is missing [ WARN ]
Header 'x-xss-protection' is missing [ OK ]
Header 'referrer-policy' is missing [ WARN ]
Header 'permissions-policy' is missing [ WARN ]
server: ECAcc (nyd/D124) [ WARN ]
HTTPS supported [ OK ]
HTTPS valid certificate [ OK ]
HTTP -> HTTPS automatic redirect [ WARN ]
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
secheaders-0.1.0.tar.gz
(9.3 kB
view hashes)
Built Distribution
secheaders-0.1.0-py3-none-any.whl
(10.0 kB
view hashes)
Close
Hashes for secheaders-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | fa867fd27f13ec51b40b5d7b6f351d7e73dbde215ef13564d2513b35b7f22b33 |
|
MD5 | 8c7ce82a1fd07b47b090250de18b6e0f |
|
BLAKE2b-256 | cf8b24368149331ef343b0e15f482602f23a54f40a0ce6b89488738e0fed6e6c |