Shcheck – Tool To Scan Security Headers Of Any Website

Posted: June 14, 2020 in Linux, Networking

HTTP security headers always provide an extra layer of security by helping to mitigate attacks and security vulnerabilities.

During the last few years, a number of new HTTP headers have been introduced whose purpose is to help to enhance the security of a website.

Command HTTP Security Headers –

1. Content-security-policy
2. X-xss-protection
3. Strict-transport-security
4. X-frame-options
5. Public-key-pins
6. X-content-type

Installation of Shcheck –

You can easily install shcheck script which is python based script from Github directly.

Command: git clone https://github.com/m3liot/shcheck.git

 

Give the full permissions to shcheck.py script with the help of “chmod +x shcheck.py“.

To run this script, simply type “./shcheck.py <Your target>

You can also analyze or scan all headers online from HTTP HEADER CHECK.

Here is the list of other sites/tools through which you can also scan the security headers of any website.

  1. Chrome Dev Tools
  2. Securityheaders.io (our fav website)
Feel free to leave a comment below or reach me on Instagram @iamshubhamkumar__.

 

Posted by Shubham ;)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.