OWASP SecureHeaders Project
SecureHeaders project consist in two main modules:
- an engine to scan a list of sites fastly and with minimal resources;
- a web interface with a dashboard to view, search and customize besides
provide insight and feedback about the use of HTTP secure headers.
HTTP secure headers are resources known to some and despised by others.
However it's a fact that the versatility and security provided by feature can
help make web applications more secure.
The SecureHeaers webui provide an easyly way to see and search all data
gathering with scanner module. For now it's possible to see a dashboard
with main HTTP secure headers documented OWASP web page and also provide
a way to search secure headers set in each page analyzed as your adoption
by other users.
- docker engine
docker-compose up -d
notice: the module work, however it is under rebuild process to make it more effective,
robust and much better.
pip install -r requirements-txt
See the wiki page to see more
about how to use, contribute and much more.