EasyScan
EasyScan is a Python script that analyzes the security of a given website by inspecting its HTTP headers and DNS records. The script generates a security report with recommendations for addressing potential vulnerabilities.
Test Cases
The script covers the following test cases:
- Same Site Scripting
- SPF records
- DMARC records
- Public Admin Page
- Directory Listing
- Missing security headers
- Insecure cookie settings
- Information disclosure
- Cross-Origin Resource Sharing (CORS) misconfigurations
- Content-Type sniffing
- Cache-control
Dependencies
EasyScan has the following dependencies:
- Python 3.6 or higher
requestslibrarybeautifulsoup4librarydnspythonlibrary
You can install these dependencies using pip:
pip install requests beautifulsoup4 dnspython
Usage
To use the EasyScan script, follow these steps:
- Save the code to a file named
easyscan.py. - Open a terminal or command prompt and navigate to the directory containing the script.
- Run the script using Python:
python3 easyscan.py
- Enter the URL of the website you want to analyze when prompted.
- Review the generated security report for any potential vulnerabilities and recommendations.
The security report will display the header or test case, the status (Missing, Accessible, Enabled, etc.), the severity (Low, Medium, or High), and the recommendation for addressing the issue.
Example
Enter the URL to analyze: https://example.com
Security Report:
Header Status Severity Recommendation
--------------------------------------------------------------------------------
Meta Referrer Missing Low Add a 'referrer' META tag with 'no-referrer' to prevent Same Site Scripting.
SPF Record Missing Low Add an SPF record to your domain's DNS settings to help prevent email spoofing.
DMARC Record Missing Low Add a DMARC record to your domain's DNS settings to help protect against email spoofing and phishing.
Public Admin Page Accessible High Restrict access to your admin page to specific IP addresses and/or enable authentication.
Directory Listing Enabled Medium Disable directory listing to prevent unauthorized access to your website's files and folders.
Content-Security-Policy Missing Medium Implement a Content Security Policy (CSP) to prevent Cross-Site Scripting (XSS) and other code injection attacks.
X-Content-Type-Options Missing Medium Set the 'X-Content-Type-Options' header to 'nosniff' to prevent MIME type sniffing.
X-Frame-Options Missing Medium Set the 'X-Frame-Options' header to 'DENY' or 'SAMEORIGIN' to protect against clickjacking.
X-XSS-Protection Missing Medium Set the 'X-XSS-Protection' header to '1; mode=block' to enable XSS protection in older browsers.
Strict-Transport-Security Missing Medium Implement Strict Transport Security (HSTS) to enforce secure connections.
Set-Cookie Insecure High Set the 'Secure' and 'HttpOnly' flags for cookies to protect them from interception and access by JavaScript.
Server Value: nginx Low Remove or obfuscate the 'Server' header to avoid revealing server information.
X-Powered-By Value: PHP/7.4 Low Remove or obfuscate the 'X-Powered-By' header to avoid revealing technology stack information.
Access-Control-Allow-Origin Misconfigured High Restrict the 'Access-Control-Allow-Origin' header to specific trusted domains or avoid using the wildcard '*'.
Cache-Control Insecure Medium Set 'Cache-Control' header to 'no-store, private' for sensitive resources to prevent caching.
Keep in mind that the script may not cover all possible security scenarios, and it's recommended to perform a thorough security assessment for your website.
EasyScan is also available at https://easyscan.onrender.com/
If you have any questions or need a full security audit, please reach out on Twitter @introvertmac007.