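# Security Headers Check Module
# Inventories the common HTTP response security headers a target sends and
# extracts their values for review. The single matcher below uses
# `condition: or`, so this module fires when ANY listed header is present;
# a response carrying only one of them still matches, and the absence of
# the others shows up only as an empty extractor result. Read a hit as
# "some hardening headers exist", not as "all headers are set correctly".

id: security-headers

info:
  name: Security Headers Analysis
  author: sif
  severity: info
  description: Checks for presence and configuration of security headers
  tags: [headers, security, info, owasp]

type: http

http:
  method: GET
  paths:
    - "{{BaseURL}}"

  matchers:
    - type: regex
      part: header
      # Header field names are case-insensitive (RFC 9110) and are always
      # lowercase on the wire over HTTP/2 and HTTP/3, so every pattern carries
      # the inline `(?i)` flag; a case-sensitive "X-Frame-Options" silently
      # misses "x-frame-options: DENY". The trailing ":" keeps a name-only
      # pattern from also matching a longer header such as
      # Content-Security-Policy-Report-Only, which enforces nothing.
      regex:
        - "(?i)x-frame-options:"
        - "(?i)x-content-type-options:"
        # Only meaningful on an HTTPS response; browsers ignore HSTS received
        # over plain http.
        - "(?i)strict-transport-security:"
        - "(?i)content-security-policy:"
        # Deprecated: current browsers ignore it, and a value other than "0"
        # re-enables legacy filters with known weaknesses. Kept so the value
        # is inventoried, but its presence is not a positive control.
        - "(?i)x-xss-protection:"
        - "(?i)referrer-policy:"
        - "(?i)permissions-policy:"
      condition: or

  extractors:
    # One extractor per header in the matcher list above. `\s*` accepts the
    # optional whitespace HTTP allows after the colon, and `[^\r\n]+` stops at
    # the end of the line so the captured value never carries a trailing CR.
    # Single quotes keep the backslashes literal in YAML.
    - type: regex
      name: x_frame_options
      part: header
      regex:
        - '(?i)x-frame-options:\s*([^\r\n]+)'
      # Hardened values are DENY or SAMEORIGIN; ALLOW-FROM is obsolete and
      # ignored by current browsers (CSP frame-ancestors supersedes it).
      group: 1

    - type: regex
      name: x_content_type_options
      part: header
      regex:
        - '(?i)x-content-type-options:\s*([^\r\n]+)'
      # The only meaningful value is "nosniff".
      group: 1

    - type: regex
      name: strict_transport_security
      part: header
      regex:
        - '(?i)strict-transport-security:\s*([^\r\n]+)'
      # Review max-age (a short value gives little protection) and whether
      # includeSubDomains is set.
      group: 1

    - type: regex
      name: content_security_policy
      part: header
      regex:
        - '(?i)content-security-policy:\s*([^\r\n]+)'
      # Review for 'unsafe-inline', 'unsafe-eval', wildcard sources and a
      # missing frame-ancestors directive.
      group: 1

    - type: regex
      name: x_xss_protection
      part: header
      regex:
        - '(?i)x-xss-protection:\s*([^\r\n]+)'
      # The value recommended today is "0"; anything else is a finding in
      # its own right.
      group: 1

    - type: regex
      name: referrer_policy
      part: header
      regex:
        - '(?i)referrer-policy:\s*([^\r\n]+)'
      # no-referrer and strict-origin-when-cross-origin are the usual
      # hardened values; unsafe-url leaks full URLs cross-origin.
      group: 1

    - type: regex
      name: permissions_policy
      part: header
      regex:
        - '(?i)permissions-policy:\s*([^\r\n]+)'
      # Review which browser features are granted to third-party origins.
      group: 1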