check-my-headers
Fast and simple way to check any HTTP Headers. Thanks Liran Tal and the amazing Snyk team for your support 😊. Usage: Command line - Using Node.js's npx to run a one-off scan of a website: npx check-my-headers https://example.com. The CLI will gracefully handle cases where the URL to scan is missing or wrong. Module - Using check-my-headers in your project: const checkMyHeaders = require('check-my-headers'); checkMyHeaders('http://example.com').then(({ messages, headers, status }) => { console.log(`Status code: ${status}`); console.log('Messages:'); console.log(messages); console.log('Current headers:'); console.log(headers); }); Output: Status code: 200, Messages: [{ msg: 'Remove field: server', type: 'error' }, { msg: 'Missing field: content-security-policy', type: 'error' }, { msg: 'Missing field: referrer-policy', type: 'error' }, { msg: 'Missing field: strict-transport-security', type: 'error' }, { msg: 'Missing field: x-xss-protection', type: 'error' }]
FEATURES
ALTERNATIVES
CTFd is a Capture The Flag framework with extensive features for creating and managing CTF competitions.
Package verification tool for npm with various verification and testing capabilities.
A set of instructions for the Dalvik virtual machine to manipulate registers and values in Android applications.
PLC-side fuzzing tool for uncovering vulnerabilities in ICS control applications.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
A security framework for process isolation and sandboxing based on capability-based security principles.
A super-simple, modern framework for organizing and automating cybersecurity tasks.
A lab designed for defenders to quickly build a Windows domain pre-loaded with security tooling and best practices in system logging configurations.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.