Jonathan Hodgson
|
bf132e16c2
|
BIN: analyse-headers: Fix incorrect reporting of SSL issues
It turns out the SSL flags secure and httponly are not case sensitive.
https://tools.ietf.org/html/rfc6265#section-5.2.5
I cannot find any documentation about the SameSite=Strict so I will
leave it case sensitive for now. The spec for that section is here:
https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-05#section-5.2
Thanks <Dom Ingram> for flagging this
|
4 years ago |
Jonathan Hodgson
|
69c7355225
|
BIN: analyse-headers: add expect-ct and start referrer-policy
|
4 years ago |
Jonathan Hodgson
|
5369861bc8
|
BIN: Analyse-headers: Adds to description for cookie flag
|
4 years ago |
Jonathan Hodgson
|
3665bb63a2
|
BIN: analyse-headers: fix error "wrap command not found"
|
4 years ago |
Jonathan Hodgson
|
97df97a48b
|
BIN: analyse-headers: adds feature-policy and permissions-policy checks
|
4 years ago |
Jonathan Hodgson
|
afa3f3495a
|
BIN: analyse-headers: Wrap text in descriptions
The text in descriptions is now wrapped to 80 chars. This does not
affect the headers printed at the top which are not wrapped
|
4 years ago |
Jonathan Hodgson
|
fb5d25dc6c
|
BIN: Adds SameSite check in analyse-headers script
The script will now warn you if the SameSite option is not set to Strict
on cookies.
|
4 years ago |
Jonathan Hodgson
|
c384064641
|
BIN: Fix webtest script when : in cookies
If there was a colon in a cookie, the script would misidentify insecure
cookie configurations
|
4 years ago |
Jonathan Hodgson
|
ab2c56d9b5
|
BIN: Adds analyse-headers script
The script is in early stages of development but should work for some of
the most common mis-configurtaions.
|
4 years ago |
Jonathan Hodgson
|
085f17ab1f
|
Adds scripts to help with ssl testing
|
4 years ago |
Jonathan Hodgson
|
77955b1e18
|
Renames jwtcat to catjwt to avoid clash with 3rd party tool
|
4 years ago |
Jonathan Hodgson
|
d106799a8b
|
Creates script for printing jwt web tokens
|
4 years ago |
Jonathan Hodgson
|
b19db697e8
|
A start to webtest script
|
4 years ago |
Jonathan Hodgson
|
b4bdba9e24
|
Adds getpaths script
|
4 years ago |
Jonathan Hodgson
|
4ac6ff54dc
|
changed profile name to headless
|
5 years ago |
Jonathan Hodgson
|
031ae34a60
|
Will create firefox profile
|
5 years ago |
Jonathan Hodgson
|
045a120083
|
Adds help and checks url is given
|
5 years ago |
Jonathan Hodgson
|
f0404cd7fc
|
Makes clickjacking script look for ff dev edition
|
5 years ago |
Jonathan Hodgson
|
e973957094
|
Adds script to make clickjacking screenshot
|
5 years ago |
Jonathan Hodgson
|
55a7d2da4f
|
Lots of bin changes
|
5 years ago |
Jonathan Hodgson
|
187872ab6a
|
Adds a script for turning an html form into a curl requst
|
5 years ago |