# vulheader
A Python tool to check for missing HTTP security headers on websites. It can check for the presence of security headers like `Strict-Transport-Security`, `Content-Security-Policy`, `X-Frame-Options`, `X-Content-Type-Options`, `Referrer-Policy`, and `Permissions-Policy`.
## Installation
To install the package, run:
```bash
pip install vulheader
```
## Usage
You can use `vulheader` both as a Python package and as a command-line tool.
### As a Python Package
You can use the `check()` function to check for specific headers or all headers.
#### Check for a specific header
To check if a specific header is present or missing, use the following code:
```python
import vulheader
url = "https://example.com"
result = vulheader.check(url, "Strict-Transport-Security")
if result == "missing":
print("Strict-Transport-Security: Missing")
else:
print("Strict-Transport-Security: Present")
```
You can replace `"Strict-Transport-Security"` with any of the following headers to check for their presence:
- `Strict-Transport-Security`
- `Content-Security-Policy`
- `X-Frame-Options`
- `X-Content-Type-Options`
- `Referrer-Policy`
- `Permissions-Policy`
#### Check all headers at once
You can also check for all security headers at once:
```python
import vulheader
url = "https://example.com"
header_status = vulheader.check(url)
for header, status in header_status.items():
print(f"{header}: {'Present' if status == 'present' else 'Missing'}")
```
### As a Command-Line Tool
Once installed, you can use `vulheader` directly from the command line to check the headers of a website.
#### Check for all headers
To check for all security headers:
```bash
vulheader --url https://example.com
```
#### Check for a specific header
To check for a specific header, use the `-H` option followed by the header name:
```bash
vulheader --url https://example.com -H "Strict-Transport-Security"
```
Replace `"Strict-Transport-Security"` with any of the following headers:
- `Strict-Transport-Security`
- `Content-Security-Policy`
- `X-Frame-Options`
- `X-Content-Type-Options`
- `Referrer-Policy`
- `Permissions-Policy`
-
#### Checking all headers:
```bash
Strict-Transport-Security: Missing
Content-Security-Policy: Present
X-Frame-Options: Missing
X-Content-Type-Options: Missing
Referrer-Policy: Missing
Permissions-Policy: Missing
```
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
Raw data
{
"_id": null,
"home_page": "https://mrfidal.in/cyber-security/vulheader",
"name": "vulheader",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": null,
"keywords": "security headers, web security, HTTP headers, Strict-Transport-Security, Content-Security-Policy, X-Frame-Options, Referrer-Policy, vulnerability scanner, website security",
"author": "MrFidal",
"author_email": "mrfidal@proton.me",
"download_url": "https://files.pythonhosted.org/packages/d8/53/381f0ccbfa39543facf5362531d30408d0315b3a6d30f2fb6d270f1c2773/vulheader-1.0.1.tar.gz",
"platform": null,
"description": "# vulheader\r\n\r\nA Python tool to check for missing HTTP security headers on websites. It can check for the presence of security headers like `Strict-Transport-Security`, `Content-Security-Policy`, `X-Frame-Options`, `X-Content-Type-Options`, `Referrer-Policy`, and `Permissions-Policy`.\r\n\r\n## Installation\r\n\r\nTo install the package, run:\r\n\r\n```bash\r\npip install vulheader\r\n```\r\n\r\n## Usage\r\n\r\nYou can use `vulheader` both as a Python package and as a command-line tool.\r\n\r\n### As a Python Package\r\n\r\nYou can use the `check()` function to check for specific headers or all headers.\r\n\r\n#### Check for a specific header\r\n\r\nTo check if a specific header is present or missing, use the following code:\r\n\r\n```python\r\nimport vulheader\r\n\r\nurl = \"https://example.com\"\r\n\r\nresult = vulheader.check(url, \"Strict-Transport-Security\")\r\nif result == \"missing\":\r\n print(\"Strict-Transport-Security: Missing\")\r\nelse:\r\n print(\"Strict-Transport-Security: Present\")\r\n```\r\n\r\nYou can replace `\"Strict-Transport-Security\"` with any of the following headers to check for their presence:\r\n\r\n- `Strict-Transport-Security`\r\n- `Content-Security-Policy`\r\n- `X-Frame-Options`\r\n- `X-Content-Type-Options`\r\n- `Referrer-Policy`\r\n- `Permissions-Policy`\r\n\r\n#### Check all headers at once\r\n\r\nYou can also check for all security headers at once:\r\n\r\n```python\r\nimport vulheader\r\n\r\nurl = \"https://example.com\"\r\n\r\nheader_status = vulheader.check(url)\r\n\r\nfor header, status in header_status.items():\r\n print(f\"{header}: {'Present' if status == 'present' else 'Missing'}\")\r\n```\r\n\r\n### As a Command-Line Tool\r\n\r\nOnce installed, you can use `vulheader` directly from the command line to check the headers of a website.\r\n\r\n#### Check for all headers\r\n\r\nTo check for all security headers:\r\n\r\n```bash\r\nvulheader --url https://example.com\r\n```\r\n\r\n#### Check for a specific header\r\n\r\nTo check for a specific header, use the `-H` option followed by the header name:\r\n```bash\r\nvulheader --url https://example.com -H \"Strict-Transport-Security\"\r\n```\r\n\r\nReplace `\"Strict-Transport-Security\"` with any of the following headers:\r\n\r\n- `Strict-Transport-Security`\r\n- `Content-Security-Policy`\r\n- `X-Frame-Options`\r\n- `X-Content-Type-Options`\r\n- `Referrer-Policy`\r\n- `Permissions-Policy`\r\n- \r\n#### Checking all headers:\r\n\r\n```bash\r\nStrict-Transport-Security: Missing\r\nContent-Security-Policy: Present\r\nX-Frame-Options: Missing\r\nX-Content-Type-Options: Missing\r\nReferrer-Policy: Missing\r\nPermissions-Policy: Missing\r\n```\r\n\r\n## License\r\n\r\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\r\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "A Python tool for checking missing HTTP security headers for better web security.",
"version": "1.0.1",
"project_urls": {
"Documentation": "https://mrfidal.in/cyber-security/vulheader",
"Homepage": "https://mrfidal.in/cyber-security/vulheader",
"Source": "https://github.com/mr-fidal/vulheader",
"Tracker": "https://github.com/mr-fidal/vulheader/issues"
},
"split_keywords": [
"security headers",
" web security",
" http headers",
" strict-transport-security",
" content-security-policy",
" x-frame-options",
" referrer-policy",
" vulnerability scanner",
" website security"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "be8e075451b8623740c808e76711014b020a2ca6a9af81e29dec059cab9d2b58",
"md5": "c5a8b17d18cb86f010d83641ae3ec142",
"sha256": "070d650fa5008a6c86a6d701cab68616d3f48f99fb3e70fc946b408231591ca9"
},
"downloads": -1,
"filename": "vulheader-1.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c5a8b17d18cb86f010d83641ae3ec142",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 3730,
"upload_time": "2024-11-27T19:20:57",
"upload_time_iso_8601": "2024-11-27T19:20:57.438428Z",
"url": "https://files.pythonhosted.org/packages/be/8e/075451b8623740c808e76711014b020a2ca6a9af81e29dec059cab9d2b58/vulheader-1.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "d853381f0ccbfa39543facf5362531d30408d0315b3a6d30f2fb6d270f1c2773",
"md5": "7f32fe93a7756b43d122b6e26c1a9b8d",
"sha256": "a44da58111142d6419b947ec8e987fc03f758b1cda5627af413f9cb60b2613fb"
},
"downloads": -1,
"filename": "vulheader-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "7f32fe93a7756b43d122b6e26c1a9b8d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 3381,
"upload_time": "2024-11-27T19:20:59",
"upload_time_iso_8601": "2024-11-27T19:20:59.580500Z",
"url": "https://files.pythonhosted.org/packages/d8/53/381f0ccbfa39543facf5362531d30408d0315b3a6d30f2fb6d270f1c2773/vulheader-1.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-27 19:20:59",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "mr-fidal",
"github_project": "vulheader",
"github_not_found": true,
"lcname": "vulheader"
}