About
Shcheck detects which security headers are enabled on certain websites. It just check headers and print a report about which are enabled and which not. It just check the security headers on a target website.
Demo
Installation
Docker Installation:
Step 1: To build a docker container use the code below.
docker build -t shcheck .
Step 2: Then run the docker container by specifying the target website that you want to scan. Use the below command,
docker run -it --rm https://www.example.com/
Traditional Installation:
Step 1: Download or Clone the Shcheck tool in to your system.
root~#git clone https://github.com/meliot/shcheck.git
Step 2: The Navigate to the shcheck tool directory in your system.
root~#cd shcheck
Step 3: Now run the installation file as shown below.
root~shcheck# ./shcheck.py https://www.example.com/ -i –x
Usage with options
Usage: ./shcheck.py [options]
Options:
-h, --help show this help message and exit
-p PORT, --port=PORT Set a custom port to connect to
-c COOKIE_STRING, --cookie=COOKIE_STRING
Set cookies for the request
-a HEADER_STRING, --add-header=HEADER_STRING
Add headers for the request e.g. 'Header: value'
-d, --disable-ssl-check
Disable SSL/TLS certificate validation
-g, --use-get-method Use GET method instead HEAD method
-j, --json-output Print the output in JSON format
-i, --information Display information headers
-x, --caching Display caching headers
--proxy=PROXY_URL Set a proxy (Ex: http://127.0.0.1:8080)
--hfile=PATH_TO_FILE Load a list of hosts from a flat file