Header Scanner

Analyze HTTP response security headers. Identify missing protections and misconfigurations.

About Security Headers

HTTP security headers are directives used by web applications to configure security defenses in web browsers. These headers help protect against common attacks like XSS, clickjacking, and other code injection attacks.

Key Headers We Check:

Strict-Transport-Security: Enforces secure HTTPS connections
Content-Security-Policy: Prevents XSS and data injection attacks
X-Frame-Options: Protects against clickjacking
X-Content-Type-Options: Prevents MIME-type sniffing