shcheck (Security Header Check)
Tool and Usage
Security header check (shcheck) is a security tool to scan web applications and their HTTP headers. It can help securing web applications or detect weaknesses.
Why this tool?
This simple tool is a good option to test if advised HTTP headers are available on web application and websites. It can be used as a defensive measure during development, or offensive to find weaknesses in existing applications.
How it works
The tool connects to the given target and retrieves the available HTTP headers. It parses each header and checks them in the internal database. Depending on the presence of absence of a header, it will show its status.
Usage and audience
shcheck is commonly used for application security or web application analysis. Target users for this tool are developers, pentesters, and security professionals.
- + Very low number of dependencies
- + The source code of this software is available
- - No releases on GitHub available
Author and Maintainers
Shcheck is under development by Alessio Santoru.
Support operating systems
Shcheck is known to work on Linux.