Skip to main content

A basic tool to check security headers of a website

Project description

shcheck - Security Header Check

PyPI Pypi Updated Output on Facebook

Check security headers on a target website

I did this tool to help me to check which security headers are enabled on certain websites.

The tool is very simple and it's the result of few minutes of coding.

It just check headers and print a report about which are enabled and which not

I think there is a lot to improve, and I will be grateful if somebody wants to help

How to run:

Pypi

pip3 install shcheck
shcheck.py https://insecurity.blog

Docker

First build your docker container using something like this:

docker build -t shcheck .

Then simply run your docker container using something like this where you specify which website you want to check headers on:

docker run -it --rm shcheck https://insecurity.blog

From source

git clone https://github.com/santoru/shcheck && cd shcheck
./shcheck.py https://insecurity.blog

Standalone script

If you want to run shcheck as a standalone script, just grab the shcheck.py script from the shcheck module/folder and copy it around.

Usage

Usage: ./shcheck.py [options] <target>

Options:
  -h, --help            show this help message and exit
  -p PORT, --port=PORT  Set a custom port to connect to
  -c COOKIE_STRING, --cookie=COOKIE_STRING
                        Set cookies for the request
  -a HEADER_STRING, --add-header=HEADER_STRING
                        Add headers for the request e.g. 'Header: value'
  -d, --disable-ssl-check
                        Disable SSL/TLS certificate validation
  -g, --use-get-method  Use GET method instead HEAD method
  -j, --json-output     Print the output in JSON format
  -i, --information     Display information headers
  -x, --caching         Display caching headers
  -k, --deprecated      Display deprecated headers
  --proxy=PROXY_URL     Set a proxy (Ex: http://127.0.0.1:8080)
  --hfile=PATH_TO_FILE  Load a list of hosts from a flat file
  --colours=COLOURS     Set up a colour profile [dark/light/none]
  --colors=COLOURS      Alias for colours for US English

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

shcheck-1.6.7.tar.gz (19.9 kB view details)

Uploaded Source

Built Distribution

shcheck-1.6.7-py3-none-any.whl (24.7 kB view details)

Uploaded Python 3

File details

Details for the file shcheck-1.6.7.tar.gz.

File metadata

  • Download URL: shcheck-1.6.7.tar.gz
  • Upload date:
  • Size: 19.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.0 CPython/3.9.19

File hashes

Hashes for shcheck-1.6.7.tar.gz
Algorithm Hash digest
SHA256 7853bcddb809a1d83ceda85cd6e9124d4acdcc1bbf582539990e0b7bfe1be5b2
MD5 5c15b1dc72c5a87f765e5e87149b20f0
BLAKE2b-256 5c6ce5a6ce1f287dfa3b155f5709f3bc0f95ec64ca1c396c55b04513bca25294

See more details on using hashes here.

File details

Details for the file shcheck-1.6.7-py3-none-any.whl.

File metadata

  • Download URL: shcheck-1.6.7-py3-none-any.whl
  • Upload date:
  • Size: 24.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.0 CPython/3.9.19

File hashes

Hashes for shcheck-1.6.7-py3-none-any.whl
Algorithm Hash digest
SHA256 982a80a4fb4d5365017fd53e3a80eef066adfecc158aa76bc384d0648c2dad5a
MD5 14b6323b1e81519385adbd70abf6bfc0
BLAKE2b-256 c46cd42e0c8f1fee9860b007c5c05a177896dedc9a8ca5817e74a68c546b4d42

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page