Http Sec Audit

Audit HTTP security headers for any website. Suitable when a user asks to check security headers, harden a web server, or audit HSTS/CSP/X-Frame-Options compliance, and similar scenarios.
johnnywang2001
Security & Compliance clawhub v1.0.0 1 version 100000 Key: not required

Overview

HTTP Security Headers Audit

Scan any URL for missing or misconfigured security headers and get an actionable report with grades, fix recommendations, and info-leak detection.

Quick Start

python3 scripts/sec_headers.py https://example.com

Commands

# Single URL audit
python3 scripts/sec_headers.py https://example.com

# Multiple URLs
python3 scripts/sec_headers.py https://example.com https://google.com https://github.com

# JSON output (for programmatic use)
python3 scripts/sec_headers.py https://example.com --json

# Custom timeout
python3 scripts/sec_headers.py https://example.com --timeout 5

What It Checks

Security headers (graded by severity):

  • Strict-Transport-Security (HSTS) — HIGH
  • Content-Security-Policy (CSP) — HIGH
  • X-Content-Type-Options — MEDIUM
  • X-Frame-Options — MEDIUM
  • Referrer-Policy — MEDIUM
  • Permissions-Policy — MEDIUM
  • X-XSS-Protection — LOW
  • Cross-Origin-Opener-Policy (COOP) — LOW
  • Cross-Origin-Resource-Policy (CORP) — LOW
  • Cross-Origin-Embedder-Policy (COEP) — LOW

Info leak detection:

  • Server header (software version disclosure)
  • X-Powered-By (technology stack leak)
  • X-AspNet-Version (framework version leak)

Grading

Grade  Score   Meaning
--------------------------------------------------------
A      90–100  Excellent — all critical headers present
B      75–89   Good — minor gaps
C      50–74   Fair — important headers missing
D      25–49   Poor — significant exposure
F      0–24    Failing — most headers absent
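
The checks and grade bands above applied to one constructed response, as an added example that is not the code of scripts/sec_headers.py. The point weights, half credit for a misconfigured value, the validators and the 180-day HSTS floor are assumptions, since the page does not state how the score is computed.

```python
import re

# Severity labels and grade bands are from the page; weights, half credit for
# misconfigured values and the validators are assumptions of this sketch.
WEIGHTS = {"HIGH": 20, "MEDIUM": 10, "LOW": 5}  # 2*20 + 4*10 + 4*5 = 100
GRADES = [(90, "A"), (75, "B"), (50, "C"), (25, "D"), (0, "F")]
LEAKS = ("server", "x-powered-by", "x-aspnet-version")

def hsts_ok(v):
    m = re.search(r"max-age\s*=\s*\"?(\d+)", v, re.I)
    return bool(m) and int(m.group(1)) >= 15552000  # assumed floor: 180 days
def present(v):
    return bool(v.strip())

CHECKS = {  # lower-cased header name -> (severity, value validator)
    "strict-transport-security": ("HIGH", hsts_ok),
    "content-security-policy": ("HIGH", lambda v: present(v) and "'unsafe-inline'" not in v),
    "x-content-type-options": ("MEDIUM", lambda v: v.strip().lower() == "nosniff"),
    "x-frame-options": ("MEDIUM", lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN")),
    "referrer-policy": ("MEDIUM", lambda v: present(v) and v.strip().lower() != "unsafe-url"),
    "permissions-policy": ("MEDIUM", present),
    "x-xss-protection": ("LOW", present),
    "cross-origin-opener-policy": ("LOW", present),
    "cross-origin-resource-policy": ("LOW", present),
    "cross-origin-embedder-policy": ("LOW", present),
}

def audit(headers):
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    score, missing, misconfigured = 0, [], []
    for name, (severity, valid) in CHECKS.items():
        if name not in h:
            missing.append(name)
        elif valid(h[name]):
            score += WEIGHTS[severity]
        else:  # present but weak: half credit, reported separately from "missing"
            misconfigured.append(name)
            score += WEIGHTS[severity] // 2
    # Server only counts as a leak when it carries a version number.
    leaks = [n for n in LEAKS if n in h and (n != "server" or re.search(r"\d", h[n]))]
    grade = next(g for floor, g in GRADES if score >= floor)
    return {"score": score, "grade": grade, "missing": missing,
            "misconfigured": misconfigured, "leaks": leaks}

# Constructed response headers (not captured from a real site).
SAMPLE = {"Strict-Transport-Security": "max-age=300", "X-Frame-Options": "ALLOWALL",
          "Content-Security-Policy": "default-src 'self'", "X-Content-Type-Options": "nosniff",
          "Referrer-Policy": "strict-origin-when-cross-origin",
          "Server": "nginx/1.18.0", "X-Powered-By": "PHP/7.4.3"}
```

Calling audit(SAMPLE) separates headers that are absent from headers that are present but weak, so a short HSTS max-age is reported as a misconfiguration rather than counted as a pass.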

Dependencies

pip install requests

Version History

1 version in total

  • v1.0.0 (current)
    2026-03-30 02:04 Safe Safe

Security Scan

Tencent Cloud Security (Keen)

Safe, no risk

Tencent Cloud Security (Sanbu)

Safe, no risk