Chopper: An Automated Security Headers Analyzer

Related tags

Command-line ToolsChopper
Overview
  ____ _                                 _ 
 / ___| |__   ___  _ __  _ __   ___ _ __| |
| |   | '_ \ / _ \| '_ \| '_ \ / _ \ '__| |
| |___| | | | (_) | |_) | |_) |  __/ |  |_|
 \____|_| |_|\___/| .__/| .__/ \___|_|  (_)
                  |_|   |_|

Chopper - An Automated Security Headers Analyzer

Chopper is a python script to scrape HTTP Headers from the requests. All you need is to supply a valid domain name. Chopper will automatically check for security related headers, thus saving much of your time.

Currently Chopper is able to check the following headers and flags.

  1. Content-Security-Policy
  2. X-XSS-Protection
  3. X-Frame-Headers
  4. X-Content-Type
  5. Strict-Transport-Security
  6. Referrer-Policy
  7. Feature-Policy
  8. Cache-Control Policy
  9. Access-Control-Allow-Origin
  10. Access-Control-Allow-Credentials
  11. HttpOnly Flag
  12. Secure Flag

Chopper also provides with the complete list of headers. Thus, providing a better view of all the headers.

Required Packages

1. Python3
2. Colorama
3. Validators
4. Requests

Installing Dependencies

  • pip install -r requirements.txt
  • python -m pip install -r requirements.txt

Flying The Chopper

python3 Chopper.py http://testphp.vulnweb.com/login.php

  ____ _                                 _ 
 / ___| |__   ___  _ __  _ __   ___ _ __| |
| |   | '_ \ / _ \| '_ \| '_ \ / _ \ '__| |
| |___| | | | (_) | |_) | |_) |  __/ |  |_|
 \____|_| |_|\___/| .__/| .__/ \___|_|  (_)
                  |_|   |_|                

 An Automated Security Headers Analyzer
 ------------------------------
 Coded by Kamran Saifullah - Frog Man
 Twitter: https://twitter.com/deFr0ggy 
 GitHub: https://github.com/deFr0ggy 
 LinkedIn: https://linkedin.com/in/kamransaifullah 

 Usage: ./Chopper.py <http|https://example.com>


Domain: http://testphp.vulnweb.com/login.php

[-] Content-Security-Policy is not in place!
[-] X-XSS-Protection - XSS Protection is not in place!
[-] X-Frame-Headers - ClickJacking Protection is not in place!
[-] X-Content-Type - MIME Sniffing Protection is not in place!
[-] Strict-Transport-Security - Protection is not in place!
[-] Referrer-Policy is not in place!
[-] Feature-Policy is not in place!
[-] Cache-Control Policy is not in place!
[-] Access-Control-Allow-* - CORS Policy is not in place!
[-] HttpOnly Flag is not in place!
[-] Secure Flag is not in place!


[-] Check These Headers Out! 


Server:  nginx/1.19.0
Date:  Sun, 19 Dec 2021 09:15:46 GMT
Content-Type:  text/html; charset=UTF-8
Transfer-Encoding:  chunked
Connection:  keep-alive
X-Powered-By:  PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
Content-Encoding:  gzip
Owner
Kamran Saifullah (Frog Man)
An abnormal frog who has been thrown out by the frog community!
Kamran Saifullah (Frog Man)
GitHub Repository
A minimal and ridiculously good looking command-line-interface toolkit.

Pyceo Pyceo is a Python package for creating beautiful, composable, and ridiculously good looking command-line-user-interfaces without having to write

Juan-Pablo Scaletti 21 Mar 25, 2022
A cli tool , which shows you all the next possible words you can guess from in the game of Wordle.

wordle-helper A cli tool , which shows you all the next possible words you can guess from the Game Wordle. This repo has the code discussed in the You

1 Jan 17, 2022
A simple and easy-to-use CLI parse tool.

A simple and easy-to-use CLI parse tool.

AbsentM 1 Mar 04, 2022
Pyreadline3 - Windows implementation of the GNU readline library

pyreadline3 The pyreadline3 package is based on the stale package pyreadline loc

32 Jan 06, 2023
Code for the Open Data Day 2022 publicbodies.org Nepal data scraping activities.

Open Data Day Publicbodies.org Nepal We've gathered on Saturday, 5th March 2022 with Open Knowledge Nepal in order to try and automate the collection

Augusto Herrmann 2 Mar 12, 2022
A tool to automatically convert old string literal formatting to f-strings

flynt - string formatting converter flynt is a command line tool to automatically convert a project's Python code from old "%-formatted" and .format(.

Elijah K 551 Jan 06, 2023
Present - A terminal-based presentation tool with colors and effects.

present A terminal-based presentation tool with colors and effects. You can also play a codio (pre-recorded code block) on a slide. present is built o

Vinayak Mehta 4.2k Jan 03, 2023
CLI Web-CAT interface for people who use VIM.

CLI Web-CAT CLI Web-CAT interface. Installation git clone https://github.com/phuang1024/cliwebcat cd cliwebcat python setup.py bdist_wheel sdist cd di

Patrick 4 Apr 11, 2022
A python CLI app that converts a mp4 file into a gif with ASCII effect added.

Video2ASCIIgif This CLI app takes in a mp4 format video, converts it to a gif with ASCII effect applied. This also includes full control over: backgro

Sriram R 6 Dec 31, 2021
Keybase-cli - Keybase docker container that exposes the keybase CLI and some common commands such as getting files or loading github action secrets

keybase-cli Keybase docker container that exposes the keybase CLI and some commo

Bryce Geiser 4 Aug 04, 2022
🖍️This is a feature-complete clone of the awesome Chalk (JavaScript) library.

Terminal string styling done right This is a feature-complete clone of the awesome Chalk (JavaScript) library. All credits go to Sindre Sorhus. Highli

Fabian Keller 132 Dec 27, 2022
Tool for HackMyVM platform

HMV-cli It is a tool for the HackMyVM platform. With this tool you will be able to see the machines you have pending, filter by difficulty, download d

bitc0de 11 Sep 19, 2022
Enlighten Progress Bar is a console progress bar library for Python.

Overview Enlighten Progress Bar is a console progress bar library for Python. The main advantage of Enlighten is it allows writing to stdout and stder

Rockhopper Technologies 265 Dec 28, 2022
A python program to detect your emotion and suggest a playlist.

mood_music A python program to detect your emotion and suggest a playlist. This program is written in python using opencv,FER() and tensorflow This pr

Aditya_Sai 1 Jan 02, 2022
Professor Wordlist is a free open source command line tool written in python

Professor Wordlist is a free open source command line tool written in python, With the aim of generating custom wordlists with a variety of unique parameters and functions providing many possibilitie

オークO A K Z E H オーク 1 Oct 28, 2021
A CLI tools to get you started on any project in any language

Any Template A faster easier to Quick start any programming project. Installation pip3 install any-template Features No third party dependencies. Tem

Adwaith Rajesh 2 Jan 11, 2022
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)

icmpdoor - ICMP Reverse Shell icmpdoor is an ICMP rev shell written in Python3 and scapy. Tested on Ubuntu 20.04, Debian 10 (Kali Linux), and Windows

Jeroen van Kessel 206 Dec 29, 2022
A multipurpose discord bot with more than 220 commands

Welcome WM Bot A advanced bot with more than 220 commands to fit your needs Explore the commands » View Demo · Report Bug · Request Feature Table of C

Wasi Master 12 Dec 16, 2022
Terminal epub reader with inline images

nuber Inspired by epy, nuber is an Epub terminal reader with inline images written with Rust and Python using Überzug. Features Display images in term

Moshe Sherman 73 Oct 12, 2022
cmdpxl: a totally practical command-line image editor

cmdpxl: a totally practical command-line image editor

Jieruei Chang 476 Jan 07, 2023