check-my-headers
Fast and simple way to check any HTTP Headers. Thanks Liran Tal and the amazing Snyk team for your support 😊. Usage: Command line - Using Node.js's npx to run a one-off scan of a website: npx check-my-headers https://example.com. The CLI will gracefully handle cases where the URL to scan is missing or wrong. Module - Using check-my-headers in your project: const checkMyHeaders = require('check-my-headers'); checkMyHeaders('http://example.com').then(({ messages, headers, status }) => { console.log(`Status code: ${status}`); console.log('Messages:'); console.log(messages); console.log('Current headers:'); console.log(headers); }); Output: Status code: 200, Messages: [{ msg: 'Remove field: server', type: 'error' }, { msg: 'Missing field: content-security-policy', type: 'error' }, { msg: 'Missing field: referrer-policy', type: 'error' }, { msg: 'Missing field: strict-transport-security', type: 'error' }, { msg: 'Missing field: x-xss-protection', type: 'error' }]
FEATURES
ALTERNATIVES
CLI program for cybersecurity solution management with multiple functionalities and authentication methods.
A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.
WPMissionControl is a WordPress-focused security and uptime monitoring tool that offers continuous website checks, alerts, and malware cleanup services.
A lab designed for defenders to quickly build a Windows domain pre-loaded with security tooling and best practices in system logging configurations.
Community-driven collection of open source tools being archived with limited support.
A tool for scraping CTF writeups from ctftime.org and organizing them for easy access.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.