Skip to content
/ burp-security-headers-checker Public

Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses

License

Apache-2.0 license
6 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jpiechowka/burp-security-headers-checker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

gradle/wrapper

gradle/wrapper

 
 

src/main/java/burp

src/main/java/burp

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build.gradle

build.gradle

 
 

gradlew

gradlew

 
 

gradlew.bat

gradlew.bat

 
 

lombok.config

lombok.config

 
 

settings.gradle

settings.gradle

 
 

Repository files navigation

Burp Security Headers Checker

Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses

Headers checked:

  • Content-Security-Policy (CSP)
  • Feature-Policy
  • Strict-Transport-Security (HSTS)
  • X-Frame-Options
  • X-Content-Type-Options
  • X-XSS-Protection
  • Referrer-Policy

Building

To build release JAR with all dependencies (by using com.github.johnrengelman.shadow Gradle plugin) execute the command below from project root directory: ./gradlew clean shadowJar

About

Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses

Topics

plugin security-audit extension pentesting burp security-scanner burp-plugin burpsuite security-tools burp-extensions burpsuite-extender http-headers security-headers pentesting-tools

Resources

Readme

License

Apache-2.0 license
Activity

Stars

6 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 2

v1.1.0 Latest
Feb 3, 2020
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •  

Languages