by meliot

meliot / shcheck

Just a basic tool to check security headers

139 Stars 36 Forks Last release: Not found GNU General Public License v3.0 69 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

Security Header Check

Just check security headers on a target website

I did this tool to help me to check which security headers are enabled on certain websites.

The tool is very simple and it's the result of few minutes of coding.

It just check headers and print a report about which are enabled and which not

I think there is a lot to improve, and I will be grateful if somebody wants to help :)

How to run:

First build your docker container using something like this:

docker build -t shcheck .

Then simply run your docker container using something like this where you specifiy which website you want to check headers on:

docker run -it --rm
Usage: ./ [options] 

Options: -h, --help show this help message and exit -p PORT, --port=PORT Set a custom port to connect to -c COOKIE_STRING, --cookie=COOKIE_STRING Set cookies for the request -a HEADER_STRING, --add-header=HEADER_STRING Add headers for the request e.g. 'Header: value' -d, --disable-ssl-check Disable SSL/TLS certificate validation -g, --use-get-method Use GET method instead HEAD method -j, --json-output Print the output in JSON format -i, --information Display information headers -x, --caching Display caching headers --proxy=PROXY_URL Set a proxy (Ex: --hfile=PATH_TO_FILE Load a list of hosts from a flat file

Expected output:

Output on Facebook

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.