Chopper: An Automated Security Headers Analyzer

Related tags

Command-line ToolsChopper
Overview
  ____ _                                 _ 
 / ___| |__   ___  _ __  _ __   ___ _ __| |
| |   | '_ \ / _ \| '_ \| '_ \ / _ \ '__| |
| |___| | | | (_) | |_) | |_) |  __/ |  |_|
 \____|_| |_|\___/| .__/| .__/ \___|_|  (_)
                  |_|   |_|

Chopper - An Automated Security Headers Analyzer

Chopper is a python script to scrape HTTP Headers from the requests. All you need is to supply a valid domain name. Chopper will automatically check for security related headers, thus saving much of your time.

Currently Chopper is able to check the following headers and flags.

  1. Content-Security-Policy
  2. X-XSS-Protection
  3. X-Frame-Headers
  4. X-Content-Type
  5. Strict-Transport-Security
  6. Referrer-Policy
  7. Feature-Policy
  8. Cache-Control Policy
  9. Access-Control-Allow-Origin
  10. Access-Control-Allow-Credentials
  11. HttpOnly Flag
  12. Secure Flag

Chopper also provides with the complete list of headers. Thus, providing a better view of all the headers.

Required Packages

1. Python3
2. Colorama
3. Validators
4. Requests

Installing Dependencies

  • pip install -r requirements.txt
  • python -m pip install -r requirements.txt

Flying The Chopper

python3 Chopper.py http://testphp.vulnweb.com/login.php

  ____ _                                 _ 
 / ___| |__   ___  _ __  _ __   ___ _ __| |
| |   | '_ \ / _ \| '_ \| '_ \ / _ \ '__| |
| |___| | | | (_) | |_) | |_) |  __/ |  |_|
 \____|_| |_|\___/| .__/| .__/ \___|_|  (_)
                  |_|   |_|                

 An Automated Security Headers Analyzer
 ------------------------------
 Coded by Kamran Saifullah - Frog Man
 Twitter: https://twitter.com/deFr0ggy 
 GitHub: https://github.com/deFr0ggy 
 LinkedIn: https://linkedin.com/in/kamransaifullah 

 Usage: ./Chopper.py <http|https://example.com>


Domain: http://testphp.vulnweb.com/login.php

[-] Content-Security-Policy is not in place!
[-] X-XSS-Protection - XSS Protection is not in place!
[-] X-Frame-Headers - ClickJacking Protection is not in place!
[-] X-Content-Type - MIME Sniffing Protection is not in place!
[-] Strict-Transport-Security - Protection is not in place!
[-] Referrer-Policy is not in place!
[-] Feature-Policy is not in place!
[-] Cache-Control Policy is not in place!
[-] Access-Control-Allow-* - CORS Policy is not in place!
[-] HttpOnly Flag is not in place!
[-] Secure Flag is not in place!


[-] Check These Headers Out! 


Server:  nginx/1.19.0
Date:  Sun, 19 Dec 2021 09:15:46 GMT
Content-Type:  text/html; charset=UTF-8
Transfer-Encoding:  chunked
Connection:  keep-alive
X-Powered-By:  PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
Content-Encoding:  gzip
Owner
Kamran Saifullah (Frog Man)
An abnormal frog who has been thrown out by the frog community!
Kamran Saifullah (Frog Man)
GitHub Repository
alternative cli util for update-alternatives

altb altb is a cli utility influenced by update-alternatives of ubuntu. Linked paths are added to $HOME/.local/bin according to XDG Base Directory Spe

Elran Shefer 8 Dec 07, 2022
TUIFIManager - A cross-platform terminal-based file manager

TUIFI Manager A cross-platform terminal-based file manager (and component), mean

142 Dec 26, 2022
AML Command Transfer. A lightweight tool to transfer any command line to Azure Machine Learning Services

AML Command Transfer (ACT) ACT is a lightweight tool to transfer any command from the local machine to AML or ITP, both of which are Azure Machine Lea

Microsoft 11 Aug 10, 2022
jenkins-tui is a terminal based user interface for Jenkins.

jenkins-tui 📦 jenkins-tui is a terminal based user interface for Jenkins. 🚧 ⚠️ This app is a prototype and in very early stages of development. Ther

Craig Gumbley 22 Oct 24, 2022
Chat In Terminal - Chat-App in python

Chat In Terminal Hello all. 😉 Sockets and servers are vey important for connection and importantly chatting with others. 😂 😁 I have thought of maki

Shreejan Dolai 5 Nov 17, 2022
⌨ Toward a more useful keyboard

Toward a more useful keyboard Steve Losh's Modern Space Cadet is an inspiration. It opened my eyes to the fact that there's a more useful keyboard hid

Jason Rudolph 1.7k Jan 01, 2023
touch command for Windows

Touch touch command for Windows Setup: Clone the repository git clone https://github.com/g-paras/touch.git cd touch Install touch module python setup.

Paras Gupta 5 Jan 04, 2022
Python commandline tool for remembering linux/terminal commands

ehh Remember linux commands Commandline tool for remembering linux/terminal commands. It stores your favorite commands in ~/ehh.json in your homedir a

56 Nov 10, 2022
Doro is a CLI based pomodoro app and countdown timer application built using python.

Doro - CLI based pomodoro app Doro is a CLI based pomodoro app and countdown timer application built using python. Install $ pip install doro Usage Po

Suresh Kumar 14 May 23, 2022
Analyzing the most strategic words to guess on Wordle, based on letter frequency distributions

wordle-analysis Evaluating different heuristics to determine the most effective solving strategy and building an AI-powered assistant tool to help you

Sejal Dua 9 Feb 27, 2022
RSS reader client for CLI (Command Line Interface),

rReader is RSS reader client for CLI(Command Line Interface)

Lee JunHaeng 10 Dec 24, 2022
dsub is a command-line tool that makes it easy to submit and run batch scripts in the cloud.

Open-source command-line tool to run batch computing tasks and workflows on backend services such as Google Cloud.

Data Biosphere 233 Jan 01, 2023
Objexplore is an interactive Python object explorer for the terminal.

Objexplore is an interactive Python object explorer for the terminal. Use it while debugging, or exploring a new library, or whatever! 9D1FAC73-B2A5-4

kylepollina 249 Dec 23, 2022
Unconventional ways to save an Image

Unexpected Image Saves Unconventional ways to save an image 😄 Have you ever been bored by the same old .png, .jpg, .jpeg, .gif and all other image ex

Eric Mendes 15 Nov 06, 2022
A basic molecule viewer written in Python, using curses; Thus, meant for linux terminals

asciiMOL A basic molecule viewer written in Python, using curses; Thus, meant for linux terminals. This is an alpha version, featuring: Opening defaul

Dominik Behrens 328 Dec 11, 2022
Freaky fast fuzzy Denite/CtrlP matcher for vim/neovim

Freaky fast fuzzy Denite/CtrlP matcher for vim/neovim This is a matcher plugin for denite.nvim and CtrlP.

Raghu 113 Sep 29, 2022
A simple python application for running a CI pipeline locally

A simple python application for running a CI pipeline locally This app currently supports GitLab CI scripts

Tom Stowe 0 Jan 11, 2022
Simple command line tool for text to image generation using OpenAI's CLIP and Siren (Implicit neural representation network)

Simple command line tool for text to image generation using OpenAI's CLIP and Siren (Implicit neural representation network)

Phil Wang 4.4k Jan 09, 2023
CLI tool and python library that converts the output of popular command-line tools and file-types to JSON or Dictionaries. This allows piping of output to tools like jq and simplifying automation scripts.

jc JSONifies the output of many CLI tools and file-types for easier parsing in scripts

Kelly Brazil 5.8k Jan 03, 2023
A terminal client for connecting to hack.chat servers

A terminal client for connecting to hack.chat servers.

V9 2 Sep 21, 2022