checkheaders.py
#!/usr/bin/python
import requests,argparse,sys
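# Report which HTTP security response headers a site returns.
#
# Usage: pass a single URL with -u/--URL, or a file of URLs (one per line)
# with -f/--file; with neither, "sites.txt" in the working directory is read.
# print() is always called with one pre-formatted argument so the script
# behaves the same under Python 2 and Python 3.
parser = argparse.ArgumentParser()
parser.add_argument('-u', '--URL', help='Put your URL here', required=False)
parser.add_argument('-f', '--file', help='What file?', required=False)
# NOTE: no action= is set, so this flag expects a value; the value is parsed
# but nothing below reads it.
parser.add_argument('-d', '--debug', '-v', '--verbose', help='Be a bit more verbose', required=False)
args = parser.parse_args()

SEPARATOR = "------------------------------------------"

# Seconds to wait for each request. Without a timeout, requests can block
# forever on an unresponsive host and stall the whole batch.
REQUEST_TIMEOUT = 10

# Headers reported for every site. Only presence is checked: a header that is
# present with a weak value (for example an HSTS max-age of 0 or a permissive
# CSP) still shows up as present, so the printed value must be read as well.
CHECKED_HEADERS = (
    'Strict-Transport-Security',
    # Deprecated: current major browsers no longer act on this header, so
    # "Not Present" is not a finding by itself.
    'X-XSS-Protection',
    'X-Content-Type-Options',
    'X-Frame-Options',
    'Content-Security-Policy',
    # Deprecated (HPKP): browser support has been removed, so absence is the
    # expected state.
    'Public-Key-Pins',
    # Informational tribute header with no security effect.
    'X-Clacks-Overhead',
)


def _report_headers(url):
    """Send a HEAD request to *url* and print the checked headers.

    Redirects are followed, so the headers printed are those of the final
    response, not of any intermediate redirect hop. Raises
    requests.exceptions.RequestException on connection, TLS or timeout errors.
    """
    # Some servers answer HEAD differently from GET; a "Not Present" result
    # is worth confirming with a normal GET before it is reported.
    response = requests.head(url, allow_redirects=True, timeout=REQUEST_TIMEOUT)
    print(response.headers)
    print(SEPARATOR)
    print("Site Headers Being Checked: %s" % url)
    for name in CHECKED_HEADERS:
        if name in response.headers:
            print("%s: %s" % (name, response.headers[name]))
        else:
            print("%s Not Present" % name)
    print("%s %s" % (SEPARATOR, "\n"))


if args.URL:
    targets = [args.URL.strip()]
else:
    # Honour -f/--file; the original default list name is kept as fallback.
    with open(args.file or "sites.txt") as handle:
        # Blank lines are skipped so they do not reach requests as empty URLs.
        targets = [line.strip() for line in handle if line.strip()]

failed = False
for target in targets:
    try:
        _report_headers(target)
    except requests.exceptions.RequestException as exc:
        # One unreachable site must not abort the rest of the list; the
        # failure is reported and reflected in the exit status instead.
        failed = True
        print("Request failed for %s: %s" % (target, exc))

if failed:
    sys.exit(1)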