Pablo Blanco pablanco

An example with HSTS
$> curl --head https://www.hsts-header-enabled.com
HTTP/2 200
strict-transport-security: max-age=15552000; preload
---
$> nmap -p 443 --script http-security-headers hsts-header-enabled.com
....
PORT STATE SERVICE
443/tcp open https
An example with HSTS
$> curl --head https://www.hsts-heade-enabled.com
HTTP/2 200
strict-transport-security: max-age=15552000; preload
---
$> nmap -p 443 --script http-security-headers hsts-heade-enabled.com
....
PORT STATE SERVICE
443/tcp open https
pablanco / gist:0f299835b207db93b39f108bbb4fe87e
Created Jun 28, 2020
An example of a redirection without HSTS or CSP
#!/bin/sh
$> curl --head https://www.not-hsts-header.com
HTTP/1.1 301 Moved Permanently
Content-length: 0
---
$> nmap -p 443 --script http-security-headers not-hsts-header.com
....