shcheck (Security Header Check)
Tool and Usage
Security header check (shcheck) is a security tool to scan web applications and their HTTP headers. It can help securing web applications or detect weaknesses.
Why this tool?
This simple tool is a good option to test if advised HTTP headers are available on web application and websites. It can be used as a defensive measure during development, or offensive to find weaknesses in existing applications.
How it works
The tool connects to the given target and retrieves the available HTTP headers. It parses each header and checks them in the internal database. Depending on the presence of absence of a header, it will show its status.
Usage and audience
shcheck is commonly used for application security or web application analysis. Target users for this tool are developers, pentesters, and security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Very low number of dependencies
- + The source code of this software is available
- - No releases on GitHub available
Supported operating systems
Shcheck is known to work on Linux.
Similar tools to shcheck:
VHostScan is a security tool that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases, and dynamic default pages.
Admin Page Finder is a tool written in PHP to find admin sections within a website. It can be used during pentesting and security assessments.
BlindElephant is a security tool to perform fingerprinting of web applications. It can discover the name and version of known web applications.
|Latest release||No release found|