
0xSecHeaders - Security Headers Analyzer

Professional security tool for analyzing HTTP security headers and identifying missing security controls

A Python-based command-line tool for security researchers, penetration testers, and developers to quickly assess the security posture of web applications by analyzing their HTTP response headers.



🎯 Purpose

SecHeaders helps identify missing or misconfigured security headers that could leave web applications vulnerable to common attacks. This tool is designed for:

  • Security professionals conducting web application assessments
  • Developers implementing security best practices
  • DevOps engineers hardening production systems
  • Bug bounty hunters during reconnaissance

✨ Features

  • ✅ Checks for 12+ critical security headers
  • ✅ Color-coded output for quick assessment
  • ✅ Detailed explanations of each header's purpose
  • ✅ Risk rating for missing headers
  • ✅ Remediation recommendations
  • ✅ Support for single URLs or bulk scanning
  • ✅ JSON export for reporting
  • ✅ Zero dependencies (uses only Python standard library)

🔍 Headers Analyzed

Header                              Purpose                        Risk if Missing
----------------------------------  -----------------------------  ---------------
Strict-Transport-Security (HSTS)    Force HTTPS connections        Medium
X-Frame-Options                     Prevent clickjacking           Medium
X-Content-Type-Options              Prevent MIME sniffing          Low
Content-Security-Policy (CSP)       Mitigate XSS attacks           High
X-XSS-Protection                    Legacy XSS protection          Low
Referrer-Policy                     Control referrer information   Low
Permissions-Policy                  Control browser features       Low
Cross-Origin-Opener-Policy          Isolate browsing context       Medium
Cross-Origin-Embedder-Policy        Enable SharedArrayBuffer       Low
Cross-Origin-Resource-Policy        Protect resources              Medium
Cache-Control                       Control caching behavior       Medium
Set-Cookie (Secure/HttpOnly)        Secure cookie attributes       High

🚀 Quick Start

Installation

# Clone the repository
git clone https://github.com/0xDarkwaveSiren/SecHeaders.git
cd SecHeaders

# No additional dependencies needed!
python secheaders.py --help

Basic Usage

# Scan a single URL
python secheaders.py https://example.com

# Scan multiple URLs from file
python secheaders.py --file urls.txt

# Export results to JSON
python secheaders.py https://example.com --json report.json

# Verbose mode with recommendations
python secheaders.py https://example.com --verbose

📖 Example Output

[*] Analyzing: https://example.com

Security Headers Analysis:
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

✅ Strict-Transport-Security: Present
   Value: max-age=31536000; includeSubDomains

❌ Content-Security-Policy: Missing [HIGH RISK]
   Recommendation: Implement CSP to prevent XSS attacks

✅ X-Frame-Options: Present
   Value: DENY

⚠️  X-Content-Type-Options: Present but weak
   Value: nosniff
   Recommendation: Consider stricter configuration

Security Score: 7/12 (58%)
Overall Rating: MEDIUM RISK

[!] 3 critical headers missing
[!] 2 headers need improvement

🛠️ Usage Examples

Example 1: Quick Scan

python secheaders.py https://target.com

Example 2: Bulk Scanning

# Create urls.txt with one URL per line
echo "https://site1.com" > urls.txt
echo "https://site2.com" >> urls.txt
python secheaders.py --file urls.txt

Example 3: Generate Report

python secheaders.py https://target.com --json report.json --verbose

🎓 What Each Header Protects Against

High Priority Headers

Content-Security-Policy (CSP)

  • Protects: Cross-Site Scripting (XSS), data injection attacks
  • Recommended Value: default-src 'self'; script-src 'self'

Strict-Transport-Security (HSTS)

  • Protects: Man-in-the-middle attacks, protocol downgrade attacks
  • Recommended Value: max-age=31536000; includeSubDomains; preload

Secure & HttpOnly Cookie Flags

  • Protects: Session hijacking, XSS-based cookie theft
  • Recommended Value: Set-Cookie: session=abc123; Secure; HttpOnly; SameSite=Strict

Medium Priority Headers

X-Frame-Options

  • Protects: Clickjacking attacks
  • Recommended Value: DENY or SAMEORIGIN

Cross-Origin-Opener-Policy (COOP)

  • Protects: Cross-origin attacks, Spectre-type vulnerabilities
  • Recommended Value: same-origin

Low Priority Headers

X-Content-Type-Options

  • Protects: MIME-type sniffing attacks
  • Recommended Value: nosniff

Referrer-Policy

  • Protects: Information leakage through referrer
  • Recommended Value: no-referrer or strict-origin-when-cross-origin

📊 Understanding the Results

Security Score Calculation:

  • Each present and properly configured header: +1 point
  • Missing critical headers (CSP, HSTS, Cookie flags): -2 points
  • Weak configurations: +0.5 points

Risk Ratings:

  • LOW RISK: 10-12/12 (83%+)
  • MEDIUM RISK: 7-9/12 (58-75%)
  • HIGH RISK: 4-6/12 (33-50%)
  • CRITICAL: 0-3/12 (<25%)
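The following is an added, self-contained illustration of the kind of check the "Headers Analyzed" table and the "Security Score Calculation" rules describe. It is not the project's own code (secheaders.py is not reproduced in this README): the header names, risk levels, point values and rating bands are taken from the README, while the specific "weak configuration" tests (HSTS max-age below one year, CSP with 'unsafe-inline', 'unsafe-eval' or a wildcard source, cookies lacking Secure/HttpOnly), the floor of the score at 0, and the sample headers are this example's own assumptions.

```python
from __future__ import annotations
import re
from urllib.request import Request, urlopen

# Headers from the README table with their "risk if missing" rating.
HEADER_RISK = {
    "Strict-Transport-Security": "medium",
    "X-Frame-Options": "medium",
    "X-Content-Type-Options": "low",
    "Content-Security-Policy": "high",
    "X-XSS-Protection": "low",
    "Referrer-Policy": "low",
    "Permissions-Policy": "low",
    "Cross-Origin-Opener-Policy": "medium",
    "Cross-Origin-Embedder-Policy": "low",
    "Cross-Origin-Resource-Policy": "medium",
    "Cache-Control": "medium",
    "Set-Cookie": "high",
}
# README scoring: a missing CSP, HSTS or cookie-flag header costs 2 points instead of 0.
CRITICAL = {"Content-Security-Policy", "Strict-Transport-Security", "Set-Cookie"}
MAX_SCORE = len(HEADER_RISK)  # 12, as in the README's "7/12" output


def cookie_attrs(value: str) -> set[str]:
    """Lower-cased attribute names of one Set-Cookie value (everything after name=value)."""
    return {part.strip().split("=", 1)[0].lower() for part in value.split(";")[1:]}


def classify(name: str, values: list[str]) -> str:
    """Return 'missing', 'weak' or 'ok' for one header. Weakness rules are this example's assumptions."""
    if not values:
        return "missing"
    v = values[0].lower()
    if name == "Strict-Transport-Security":
        m = re.search(r"max-age=(\d+)", v)
        return "ok" if m and int(m.group(1)) >= 31536000 else "weak"  # README recommends one year
    if name == "Content-Security-Policy":
        lax = ("'unsafe-inline'" in v or "'unsafe-eval'" in v
               or re.search(r"(default|script)-src[^;]*\*", v))
        return "weak" if lax else "ok"
    if name == "X-Frame-Options":
        return "ok" if v in ("deny", "sameorigin") else "weak"
    if name == "X-Content-Type-Options":
        return "ok" if v == "nosniff" else "weak"
    if name == "Set-Cookie":
        # Every cookie set by the response must carry Secure and HttpOnly; one bad cookie is enough to be weak.
        return "ok" if all({"secure", "httponly"} <= cookie_attrs(c) for c in values) else "weak"
    return "ok"  # for the remaining headers this illustration only checks presence


def analyze(header_pairs: list[tuple[str, str]]) -> dict[str, str]:
    """Classify every README header. Input is (name, value) pairs as HTTPResponse.getheaders() returns them,
    so repeated headers such as several Set-Cookie lines are all seen."""
    by_name: dict[str, list[str]] = {}
    for name, value in header_pairs:
        by_name.setdefault(name.lower(), []).append(value)
    return {h: classify(h, by_name.get(h.lower(), [])) for h in HEADER_RISK}


def summarize(findings: dict[str, str]) -> dict:
    """Apply the README's rules (+1 ok, +0.5 weak, -2 missing critical) and its rating bands."""
    score = 0.0
    for name, state in findings.items():
        if state == "ok":
            score += 1
        elif state == "weak":
            score += 0.5
        elif name in CRITICAL:
            score -= 2
    score = max(score, 0.0)  # assumption: floor at 0 so the README's 0-3 CRITICAL band applies
    if score >= 10:
        rating = "LOW RISK"
    elif score >= 7:
        rating = "MEDIUM RISK"
    elif score >= 4:
        rating = "HIGH RISK"
    else:
        rating = "CRITICAL"
    return {
        "score": score,
        "max": MAX_SCORE,
        "percent": round(100 * score / MAX_SCORE),
        "rating": rating,
        "missing_critical": sorted(n for n, s in findings.items() if s == "missing" and n in CRITICAL),
        "weak": sorted(n for n, s in findings.items() if s == "weak"),
    }


def fetch_headers(url: str, timeout: float = 10.0) -> list[tuple[str, str]]:
    """One plain GET with the standard library, matching the README's zero-dependency, GET-only design."""
    with urlopen(Request(url, headers={"User-Agent": "secheaders-example"}), timeout=timeout) as resp:
        return resp.getheaders()


# Constructed sample response headers (not captured from any real site).
SAMPLE_HEADERS = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("X-Frame-Options", "DENY"),
    ("X-Content-Type-Options", "nosniff"),
    ("Content-Security-Policy", "default-src *; script-src 'self' 'unsafe-inline'"),  # weak
    ("Referrer-Policy", "no-referrer"),
    ("Set-Cookie", "session=abc123; Secure; HttpOnly; SameSite=Strict"),
    ("Set-Cookie", "tracking=1; Path=/"),  # lacks Secure/HttpOnly, so Set-Cookie counts as weak
]

if __name__ == "__main__":
    import sys
    pairs = fetch_headers(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_HEADERS
    findings = analyze(pairs)
    for name, state in findings.items():
        print({"ok": "✅", "weak": "⚠️", "missing": "❌"}[state], f"{name}: {state}")
    print(summarize(findings))
```

Run without arguments to score the constructed sample (5/12, HIGH RISK: four headers fine, CSP and Set-Cookie weak, six non-critical headers absent), or pass a URL you are authorized to test. Note that the README's -2 rule makes an empty response go to -6 before the floor; the floor is what keeps the rating bands contiguous.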

🔧 Advanced Features

Custom Header Checks

You can extend the tool to check for custom headers:

# Add to custom_headers.json
{
  "X-Custom-Security": {
    "description": "Your custom security header",
    "risk": "medium",
    "recommendation": "Configure appropriately"
  }
}

Integration with CI/CD

# Example GitHub Actions workflow
name: Security Headers Check
on: [push, pull_request]
jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Run SecHeaders
        run: |
          python secheaders.py https://your-staging-site.com
          # Fail if score below threshold
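The workflow above leaves "fail if score below threshold" as a comment. The script below is an added example of one way to implement that gate in a CI step, not part of the project. It assumes the tool's JSON report (whose exact layout the README does not show) contains at least "score", "max" and a "missing" list of header names; the critical-header set and the rating bands are the README's.

```python
from __future__ import annotations
import json
import sys
from pathlib import Path

# README: CSP, HSTS and cookie flags are the critical headers.
CRITICAL = {"Content-Security-Policy", "Strict-Transport-Security", "Set-Cookie"}
# README rating bands, ordered from best to worst.
RATING_ORDER = ["LOW RISK", "MEDIUM RISK", "HIGH RISK", "CRITICAL"]


def rating_for(score: float) -> str:
    """README bands: 10-12 LOW, 7-9 MEDIUM, 4-6 HIGH, 0-3 CRITICAL."""
    if score >= 10:
        return "LOW RISK"
    if score >= 7:
        return "MEDIUM RISK"
    if score >= 4:
        return "HIGH RISK"
    return "CRITICAL"


def gate_failures(report: dict, min_score: float, worst_allowed: str = "MEDIUM RISK") -> list[str]:
    """Return the reasons a build should fail (empty list means pass).
    Report keys 'score', 'max' and 'missing' are assumed, not documented in the README."""
    reasons = []
    score = float(report.get("score", 0))
    if score < min_score:
        reasons.append(f"score {score:g}/{report.get('max', 12)} is below threshold {min_score:g}")
    rating = rating_for(score)
    if RATING_ORDER.index(rating) > RATING_ORDER.index(worst_allowed):
        reasons.append(f"rating {rating} is worse than allowed {worst_allowed}")
    missing_critical = sorted(set(report.get("missing", [])) & CRITICAL)
    if missing_critical:
        reasons.append("critical headers missing: " + ", ".join(missing_critical))
    return reasons


def ci_exit_code(report: dict, min_score: float, worst_allowed: str = "MEDIUM RISK") -> int:
    """0 when the gate passes, 1 otherwise; reasons are printed for the CI log."""
    reasons = gate_failures(report, min_score, worst_allowed)
    for r in reasons:
        print("[!]", r)
    return 1 if reasons else 0


if __name__ == "__main__":
    # usage: python ci_gate.py report.json 7
    path = Path(sys.argv[1]) if len(sys.argv) > 1 else Path("report.json")
    threshold = float(sys.argv[2]) if len(sys.argv) > 2 else 7.0
    sys.exit(ci_exit_code(json.loads(path.read_text()), threshold))
```

In the workflow this replaces the comment with two lines: run the scan with `--json report.json`, then `python ci_gate.py report.json 7`. The exit code is what makes the job fail, so the gate needs no knowledge of the colour-coded terminal output.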

🎯 Use Cases

For Penetration Testers

  • Quick reconnaissance during web app assessments
  • Identify low-hanging fruit in security posture
  • Generate professional findings for reports

For Developers

  • Verify security header implementation
  • Ensure best practices during development
  • Catch missing headers before production

For Bug Bounty Hunters

  • Rapid scanning of multiple targets
  • Identify missing headers worth reporting
  • Track improvements over time

For Security Teams

  • Regular monitoring of production systems
  • Compliance checking (PCI-DSS, HIPAA, etc.)
  • Track security improvements across organization

📚 Learning Resources

To learn more about HTTP security headers:


🛡️ Responsible Use

Important Notes:

  • Only scan systems you own or have explicit permission to test
  • This tool performs passive reconnaissance (HTTP GET requests only)
  • Always follow responsible disclosure practices
  • Respect rate limits and terms of service

Legal Disclaimer: This tool is provided for educational and authorized security testing purposes only. Users are responsible for ensuring they have proper authorization before scanning any systems. Unauthorized security testing is illegal in most jurisdictions.


🤝 Contributing

Contributions are welcome! Areas for improvement:

  • Add more security headers
  • Implement SSL/TLS checks
  • Add subdomain scanning
  • Create web interface
  • Add more export formats (PDF, HTML)

📝 Changelog

v1.0.0 (Current)

  • Initial release
  • Support for 12 security headers
  • JSON export functionality
  • Color-coded terminal output

👤 Author

Andrea (@0xDarkwaveSiren)


🙏 Acknowledgments

Thanks to the security community for developing and documenting these security best practices. This tool aims to make implementing them easier for everyone.


Remember: Security headers are just one layer of defense. Always implement defense in depth! 🛡️


📌 Quick Reference

# Basic scan
python secheaders.py https://target.com

# Bulk scan
python secheaders.py --file urls.txt

# Verbose output
python secheaders.py https://target.com -v

# Export to JSON
python secheaders.py https://target.com --json report.json

# Show help
python secheaders.py --help
