Shcheck – Tool To Scan Security Headers Of Any Website

Posted by

HTTP security headers always provide an extra layer of security by helping to mitigate attacks and security vulnerabilities.

During the last few years, a number of new HTTP headers have been introduced whose purpose is to help to enhance the security of a website.

Command HTTP Security Headers –

1. Content-security-policy
2. X-xss-protection
3. Strict-transport-security
4. X-frame-options
5. Public-key-pins
6. X-content-type

Installation of Shcheck –

You can easily install shcheck script which is python based script from Github directly.

Command: git clone https://github.com/m3liot/shcheck.git

 

Give the full permissions to shcheck.py script with the help of “chmod +x shcheck.py“.

To run this script, simply type “./shcheck.py <Your target>

You can also analyze or scan all headers online from HTTP HEADER CHECK.

Here is the list of other sites/tools through which you can also scan the security headers of any website.

  1. Chrome Dev Tools
  2. Securityheaders.io (our fav website)
Feel free to leave a comment below or reach me on Instagram @iamshubhamkumar__.

 

Posted by Shubham ;)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.