#!/usr/bin/env python
# headHunter.py - small script to check a few HTTP response headers for
# buggy server configuration.
# @22.10.2016
# based on 'python web penetration testing cookbook'
#
import requests
import sys
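GREEN = '\033[92m'
YELLOW = '\033[93m'
ENDC = '\033[0m'
RED = '\033[31m'

# Seconds to wait for the target. The original request had no timeout, so a
# host that accepted the connection and never answered hung the script.
REQUEST_TIMEOUT = 10


def _bug(text):
    """Return *text* formatted as a red ' [bug] ' finding."""
    return RED + ' [bug] ' + text + ENDC


def _info(text):
    """Return *text* formatted as a yellow ' [info] ' line."""
    return YELLOW + ' [info] ' + text + ENDC


def audit_headers(headers):
    """Return the report lines for one set of HTTP response headers.

    headers: mapping of header name to value. ``requests`` returns a
        case-insensitive mapping; a plain ``dict`` works as well, but then
        the lookups are case-sensitive.
    Returns a list of pre-coloured strings in the order the checks run, so
    the caller can print them or a test can compare them. Nothing is
    printed here and no network access happens.
    """
    report = []

    # NOTE: current browsers have dropped the XSS auditor this header
    # controlled; the check is kept as the original author wrote it.
    xssprotect = headers.get('X-XSS-Protection')
    if xssprotect is None:
        report.append(_bug('X-XSS-Protection not set, XSS may be possible'))
    elif xssprotect != '1; mode=block':
        report.append(_bug('X-XSS-Protection not set properly, XSS may be possible: ' + xssprotect))

    contenttype = headers.get('X-Content-Type-Options')
    if contenttype is None:
        report.append(_bug('X-Content-Type-Options not set'))
    elif contenttype != 'nosniff':
        report.append(_bug('X-Content-Type-Options not set properly: ' + contenttype))

    # Only the absence is reported; the value itself is not inspected.
    if headers.get('Strict-Transport-Security') is None:
        report.append(_bug('HSTS header not set, MITM attacks may be possible'))

    csp = headers.get('Content-Security-Policy')
    if csp is None:
        report.append(_bug('Content-Security-Policy missing'))
    else:
        report.append(_info('Content-Security-Policy set:' + csp))

    srv = headers.get('Server')
    if srv is None:
        report.append(_info('Server header not found'))
    else:
        report.append(_info('Server set:' + srv))

    # A missing Date header is not worth a line, matching the original.
    dat = headers.get('Date')
    if dat is not None:
        report.append(_info('Date set: ' + dat))

    crossdomain = headers.get('Access-Control-Allow-Origin')
    if crossdomain is None:
        report.append(_info('Access-Control-Allow-Origin missing'))
    elif crossdomain == '*':
        # The wildcard lets any origin read the response; the original only
        # noted this in a comment and never reported it.
        report.append(_bug('Access-Control-Allow-Origin set to wildcard: *'))
    else:
        report.append(_info('Access-Control-Allow-Origin set:' + crossdomain))

    # Legacy, vendor-prefixed CSP: specifies per-document which actions that
    # would normally be permitted under the same-origin policy are allowed.
    xcsp = headers.get('X-Content-Security-Policy')
    if xcsp is None:
        report.append(_info('X-Content-Security-Policy missing'))
    else:
        report.append(_info('X-Content-Security-Policy set:' + xcsp))

    # The original never read this header, so its "missing" branch could not
    # be reached and every target was reported as protected.
    if headers.get('X-Frame-Options') is None:
        report.append(_bug('X-Frame-Options missing - clickjacking possible'))
    else:
        report.append(_info('X-Frame-Options presented, clickjacking not likely possible'))

    # TODO: add more headers...
    return report


def main(argv):
    """Fetch *argv[1]*, print the header report and return an exit status.

    Returns 2 on a usage error, 1 when the request fails, 0 otherwise.
    """
    if len(argv) != 2:
        sys.stderr.write('usage: headHunter.py <url>\n')
        return 2
    target = str(argv[1])
    print('\n\t ( headHunter.py - find buggy headers )\n')
    print('[+] Checking : ' + GREEN + target + ENDC + '\n')
    try:
        req = requests.get(target, timeout=REQUEST_TIMEOUT)
    except requests.RequestException as err:
        # Connection, DNS and timeout failures used to surface as a
        # traceback; report them as one line instead.
        print(_bug('request failed: ' + str(err)))
        return 1
    for line in audit_headers(req.headers):
        print(line)
    print('\n[+] Test finished.\n')
    return 0


if __name__ == '__main__':
    sys.exit(main(sys.argv))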