Tool and Usage
|Latest release||None |
The hsecscan utility is written in Python and opens a connection (via HTTP or HTTPS) to the related web server. It will return all headers found and includes an explanation of what each header does. Any security recommendations are listed as well.
Usage and audience
hsecscan is commonly used for information gathering, learning, penetration testing, security assessment, or web application analysis. Target users for this tool are developers, pentesters, security professionals, and system administrators.
- Command line interface
- Support for HTTPS
- Tool can use a proxy
- Uses CWE name convention
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Supported operating systems
Hsecscan is known to work on Linux.
Several dependencies are required to use hsecscan.
- Python 2
Similar tools to hsecscan:
DorkNet helps with the discovery of vulnerable web apps. It is a script written in Python that leverages Selenium.
Django-security is a toolkit for the Django framework with the focus on security. It provides models, views, and middleware to strengthen the defenses.
Security header check (shcheck) is a security tool to scan web applications and their HTTP headers. It can help securing web applications or detect weaknesses.
Found an improvement? Help the community by submitting an update.