In this quick tutorial, I will show you how to build a basic web security scanner in Python that checks for common security headers, SSL certificate validity, and open ports.
What you will build
A Python script that:
- Checks security headers (HSTS, CSP, X-Frame-Options)
- Validates SSL certificates
- Scans for open ports
- Generates a risk score
All in under 50 lines of code.
Basic Implementation
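```python
import requests
import ssl     # for the SSL certificate check (not shown in this snippet)
import socket  # for the open-port check (not shown in this snippet)


def check_security_headers(url):
    """Return a dict mapping each security header name to True if it is present."""
    # A timeout keeps the scanner from hanging on an unresponsive host.
    response = requests.get(url, timeout=10)
    headers_to_check = [
        "Strict-Transport-Security",
        "Content-Security-Policy",
        "X-Frame-Options",
        "X-Content-Type-Options"
    ]
    results = {}
    for header in headers_to_check:
        # response.headers is case-insensitive, so any casing of the name matches.
        results[header] = header in response.headers
    return results
```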
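The check above only records whether each header is present, so a header with a weak value still counts as a pass. The following added example (not code from the original tutorial) grades the values of the same four headers and turns the result into a risk score; the weights, the HSTS threshold, the function names and the sample headers are assumptions made for illustration.

```python
import re

# Weights and the HSTS threshold are assumptions for illustration (weights sum to 100).
WEIGHTS = {"Strict-Transport-Security": 30, "Content-Security-Policy": 40,
           "X-Frame-Options": 20, "X-Content-Type-Options": 10}
MIN_HSTS_MAX_AGE = 15552000  # 180 days

def hsts_ok(value):
    m = re.search(r'max-age\s*=\s*"?(\d+)', value, re.I)
    return bool(m) and int(m.group(1)) >= MIN_HSTS_MAX_AGE

def csp_ok(value):
    # Heuristic: script-src (or its default-src fallback; neither one means "*") must
    # not allow any origin, eval, or inline script that is not pinned by a nonce/hash.
    directives = {}
    for part in value.split(";"):
        tokens = part.lower().split()
        if tokens:
            directives.setdefault(tokens[0], tokens[1:])
    sources = directives.get("script-src", directives.get("default-src", ["*"]))
    pinned = any(s.startswith(("'nonce-", "'sha")) for s in sources)
    bad = {"*", "'unsafe-eval'"} | (set() if pinned else {"'unsafe-inline'"})
    return not bad & set(sources)

CHECKS = {
    "Strict-Transport-Security": hsts_ok,
    "Content-Security-Policy": csp_ok,
    "X-Frame-Options": lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN"),
    "X-Content-Type-Options": lambda v: v.strip().lower() == "nosniff",
}

def score_headers(headers):
    """Return (findings, risk); risk runs from 0 (all ok) to 100 (all missing)."""
    lowered = {k.lower(): v for k, v in headers.items()}
    findings, risk = {}, 0
    for name, check in CHECKS.items():
        value = lowered.get(name.lower())
        status = "missing" if value is None else "ok" if check(value) else "weak"
        findings[name] = status
        risk += {"missing": WEIGHTS[name], "weak": WEIGHTS[name] // 2, "ok": 0}[status]
    return findings, risk

# Constructed sample: all four headers are present, so a presence-only check passes it.
SAMPLE = {
    "strict-transport-security": "max-age=0",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "X-Frame-Options": "ALLOW-FROM https://example.com",
    "X-Content-Type-Options": "nosniff",
}
```

Passing `response.headers` from `check_security_headers` to `score_headers` works unchanged, because the function lowercases header names before the lookup.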
Try the full version at https://sec.92888888.xyz/scan?url=https://example.com
The Pro version adds PDF reports and unlimited scans.