A basic tool to check security headers of a website
Project description
shcheck - Security Header Check
Check security headers on a target website
I did this tool to help me to check which security headers are enabled on certain websites.
The tool is very simple and it's the result of few minutes of coding.
It just check headers and print a report about which are enabled and which not
I think there is a lot to improve, and I will be grateful if somebody wants to help
How to run:
Pypi
pip3 install shcheck
shcheck.py https://insecurity.blog
Docker
First build your docker container using something like this:
docker build -t shcheck .
Then simply run your docker container using something like this where you specify which website you want to check headers on:
docker run -it --rm shcheck https://insecurity.blog
From source
git clone https://github.com/santoru/shcheck && cd shcheck
./shcheck.py https://insecurity.blog
Standalone script
If you want to run shcheck as a standalone script, just grab the shcheck.py script from the shcheck module/folder and copy it around.
Usage
Usage: ./shcheck.py [options] <target>
Options:
-h, --help show this help message and exit
-p PORT, --port=PORT Set a custom port to connect to
-c COOKIE_STRING, --cookie=COOKIE_STRING
Set cookies for the request
-a HEADER_STRING, --add-header=HEADER_STRING
Add headers for the request e.g. 'Header: value'
-d, --disable-ssl-check
Disable SSL/TLS certificate validation
-g, --use-get-method Use GET method instead HEAD method
-j, --json-output Print the output in JSON format
-i, --information Display information headers
-x, --caching Display caching headers
-k, --deprecated Display deprecated headers
--no-follow Do not follow HTTP redirects
--proxy=PROXY_URL Set a proxy (Ex: http://127.0.0.1:8080)
--hfile=PATH_TO_FILE Load a list of hosts from a flat file
--colours=COLOURS Set up a colour profile [dark/light/none]
--colors=COLOURS Alias for colours for US English
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file shcheck-1.7.tar.gz.
File metadata
- Download URL: shcheck-1.7.tar.gz
- Upload date:
- Size: 23.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5b0cd69b3cd796a1005cb74fb0ae21b582de346e0de8be10c1b9311a79105979
|
|
| MD5 |
593b7d3dbbe06b43c16c391eec600a72
|
|
| BLAKE2b-256 |
b8601ae14caec42e019b0da41609e63b13a610df058906db070dce57020bc53b
|
File details
Details for the file shcheck-1.7-py3-none-any.whl.
File metadata
- Download URL: shcheck-1.7-py3-none-any.whl
- Upload date:
- Size: 25.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
26be34c73816de85c493f55f09b9a94636e605228a371be58ead0bf62cfe5f7d
|
|
| MD5 |
6d18db3aff730d60d2cf18e6326ad738
|
|
| BLAKE2b-256 |
cd1b9027025ed93ee9ceac83d8a5ace1b8bcc649d360e48adb7a137f535dabf3
|
