<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="chrome=1">
<title>gethead by httphacker</title>
<link rel="stylesheet" href="stylesheets/styles.css">
<link rel="stylesheet" href="stylesheets/pygment_trac.css">
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
</head>
<body>
<div class="wrapper">
<header>
<h1>gethead</h1>
<p>HTTP Header Analysis Vulnerability Tool</p>
<p class="view"><a href="https://github.com/httphacker/gethead">View the Project on GitHub <small>httphacker/gethead</small></a></p>
<ul>
<li><a href="https://github.com/httphacker/gethead/archive/gh-pages.zip">Download <strong>ZIP Archive</strong></a></li>
<li><a href="https://github.com/httphacker/gethead/blob/gh-pages/gethead.py">View On <strong>GitHub</strong></a></li>
</ul><img src="http://httphacker.files.wordpress.com/2013/08/hacker.png?w=566&amp;h=454">
</header>
<section>
<h3>
<a name="welcome-to-github-pages" class="anchor" href="#welcome-to-github-pages"><span class="octicon octicon-link"></span></a>Welcome to the gethead Project.</h3>
<p>gethead.py is a Python tool for HTTP header vulnerability analysis. It identifies security vulnerabilities and missing protections in HTTP headers.</p>
<h3>Usage:</h3>
<pre><code>$ python gethead.py http://domain.com
</code></pre>
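<p>How a check of this kind works, shown as an added example that is not gethead's own code: the Python 3 code below parses one raw HTTP response and reports missing protective headers, version-disclosing headers, and cookies set without the Secure or HttpOnly flags. The header checklist, the function name <code>analyze</code> and the sample response are assumptions constructed for illustration.</p>

```python
from email.parser import Parser

# Constructed sample response (not captured from a real site).
SAMPLE_RESPONSE = """HTTP/1.1 200 OK
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.3.10
Content-Type: text/html; charset=utf-8
Set-Cookie: session=abc123; Path=/
X-Content-Type-Options: nosniff
"""

# Assumed checklist for this example; gethead's own list may differ.
PROTECTIVE = {
    "Strict-Transport-Security": "no HSTS; HTTPS downgrade is possible",
    "X-Frame-Options": "no framing restriction (clickjacking)",
    "X-Content-Type-Options": "MIME sniffing not disabled",
    "Content-Security-Policy": "no content security policy",
}
DISCLOSING = ("Server", "X-Powered-By")


def analyze(raw_response):
    """Return a sorted list of (header, finding) for one raw HTTP response."""
    # Drop the status line; the remainder is an RFC 822 style header block.
    _status_line, _, header_block = raw_response.partition("\n")
    headers = Parser().parsestr(header_block, headersonly=True)
    findings = []
    for name, why in PROTECTIVE.items():
        if name not in headers:  # Message lookups are case-insensitive
            findings.append((name, "missing: " + why))
    for name in DISCLOSING:
        if name in headers:
            findings.append((name, "discloses: " + headers[name]))
    # A response may carry several Set-Cookie headers; check each one.
    for cookie in headers.get_all("Set-Cookie", []):
        flags = [part.strip().lower() for part in cookie.split(";")[1:]]
        for flag in ("secure", "httponly"):
            if flag not in flags:
                findings.append(("Set-Cookie", "cookie lacks %s flag" % flag))
    return sorted(findings)


if __name__ == "__main__":
    for header, finding in analyze(SAMPLE_RESPONSE):
        print("%-28s %s" % (header, finding))
```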
<h3>
<a name="designer-templates" class="anchor" href="#designer-templates"><span class="octicon octicon-link"></span></a>Changelog</h3>
<p>Version 0.1 - Initial Release</p>
<ul><li>Written in Python 2.7.5</li><li>Performs HTTP Header Analysis</li><li>Reports Header Vulnerabilities</li></ul>
<h3>
<a name="rather-drive-stick" class="anchor" href="#rather-drive-stick"><span class="octicon octicon-link"></span></a>Features in Development</h3>
<p>Version 0.2 - Next Release (April 2014 Release)</p>
<ul><li>Support for git updates</li><li>Support for Python 3.3</li><li>Complete Header Analysis</li><li>Additional Logic for Severity Classifications</li><li>Rank Vulnerabilities by Severity</li><li>Export Findings with Description, Impact, Execution, Fix, and References</li><li>Export with multi-format options (XML, HTML, TXT)</li></ul>
<p>Version 0.3 - Future Release (May 2014 Release)</p>
<ul><li>Replay and Inline Upstream Proxy support to import into other tools</li><li>Scan domains, sub-domains, and multi-services</li><li>Header Injection and Fuzzing functionality</li><li>HTTP Header Policy Bypassing</li><li>Modularize and port to more platforms<br>(e.g. <a href="https://github.com/DennisAntunes/gMinorWeb">gMinor</a>, Kali, Burp Extension, Metasploit, Chrome, Firefox)</li></ul>
<h3>
<a name="authors-and-contributors" class="anchor" href="#authors-and-contributors"><span class="octicon octicon-link"></span></a>About the Author</h3>
<p>
Nathan LaFollette “httphacker” has been leading international security engagements in the areas of Web Application Penetration Testing for many years. Nathan’s vast experience with web vulnerability analysis is unmatched in the industry. Currently employed by a Fortune 10 company as a Senior Security Consultant, Nathan has advised and performed Web Application Penetration Testing for some of the world’s largest publicly and privately traded companies. Nathan brings a great deal of international security threat expertise and corporate security experience to the information security community. Nathan also acts as the lead project developer for other upcoming Python projects such as getcookies, getoff, and getssl.</p>
<h3>Contact Info</h3>
<p>github: <a href="https://github.com/httphacker">https://github.com/httphacker</a><br>
email: <a href="mailto:[email protected]">[email protected]</a><br>
website: <a href="http://httphacker.com">httphacker.com</a><br>
twitter: <a href="https://twitter.com/httphacker">@httphacker</a><br></p>
<h3>
<a name="support-or-contact" class="anchor" href="#support-or-contact"><span class="octicon octicon-link"></span></a>Bugs and Feature Requests</h3>
<p>Contact Nathan at <a href="mailto:[email protected]">[email protected]</a> and he’ll sort it out and take your feature requests.</p>
</section>
<footer>
<p>This project is maintained by <a href="https://github.com/httphacker">httphacker</a></p>
</footer>
</div>
<script src="javascripts/scale.fix.js"></script>
</body>
</html>