Pentest & Bug Bounty Resources and Techniques
  • Pentest & Bug Bounty Resources and Techniques
    • Introduction
    • Tests Checklist
    • OSINT
    • Communications Security
      • SSL/TLS
    • Networking
      • Subdomains Discovery
        • DNS & OSINT
        • DNS Brute force
          • Second DNS Brute-Force Round
      • Subdomain Takeover
      • Network Host Scan/Discovery
        • External/Internal
        • Internal only
      • Network Vulnerability Scanning
      • Network Hacking
      • Parsing
      • Reporting
    • Brute Force
      • Wordlists
      • Databases
      • SSH
    • Web
      • Endpoint Discovery
      • Infrastructure & Configuration
        • Headers
        • WAF Detection/ Evasion
      • Injection
        • GraphQL
        • Cross-Site Scripting (XSS)
        • SQL Injection
        • Payloads
      • SSRF & XXE
        • Labs & Resources
        • Tools
        • SVG SSRF Cheatsheet
        • XXE - XEE - XML External Entity
      • JWT Vulnerabilities (Json Web Tokens)
      • HTTP/S DoS
    • Mobile
      • Both
        • SAST
          • MobSF
        • DAST
          • Installing Frida and Objection
      • Android
        • Create a Lab
          • Rooting Android Emulator
          • Rooting Android Emulator Cheat Sheet
        • APK Certificates
        • SAST
          • APKs
            • Get Information from APK
            • GDA (GJoy Dex Analysizer)
            • Scanning APK for URIs, endpoints & secrets
            • Google Maps API Scanner
        • DAST
          • Rooting the Android Studio AVDs
          • non-Rooted devices
            • Bypass SSL Pinning - non-rooted devices
              • Method 1: apk-mitm
              • Instrumentation with Frida and Objection
                • Bypass SSL Pinning - Method 2: With Objection Explore
                • Bypass SSL Pinning - Method 3: With root_bypass.js
          • Rooted Devices
            • Run frida-server in the emulator or device
            • Inject Frida
            • Bypass SSL Pinning - rooted devices
              • Install Burp CA as a system-level CA on the device
      • iOS
        • SAST
          • Building a reverse iOS engineering environment for free
          • Test Vulnerabilities
  • Lets Practice
    • Virtual Machines
    • Vulnerable App
    • Guided Labs
    • CTFs
  • Group 1
    • AI
Powered by GitBook
On this page
  • Security headers
  • shcheck
  • Installation
  • Complete Usage
  1. Pentest & Bug Bounty Resources and Techniques
  2. Web
  3. Infrastructure & Configuration

Headers

PreviousInfrastructure & ConfigurationNextWAF Detection/ Evasion

Last updated 4 months ago

Security headers

Repo:

Info: I built Security Headers after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites were using these headers and I figured I'd turn it into a useful tool for everyone to use!

https://securityheaders.com/?q=https%3A%2F%2Fwww.domain.com%2F&followRedirects=on

Installation

Pypi

pip3 install shcheck
shcheck.py https://insecurity.blog

Python Virtual Environment

python3 -m venv shcheck; source shcheck/bin/activate; pip3 install shcheck
shcheck.py https://insecurity.blog

Docker

First build your docker container using something like this:

docker build -t shcheck .

Then simply run your docker container using something like this where you specify which website you want to check headers on:

docker run -it --rm shcheck https://insecurity.blog

From source

git clone https://github.com/santoru/shcheck && cd shcheck
./shcheck.py https://insecurity.blog

Complete Usage

shcheck.py --proxy=http://192.168.1.60:8081 -d -c [COOKIE] -g https://[URL]

-c Set cookies for the request

-d When using --proxy disables SSL/TLS certificate validation

-g Use GET method instead HEAD method

https://securityheaders.com/
shcheck