cd ../tools
$ Security Headers Analyzer
Analyze HTTP security headers and get a security grade (A+ to F) with detailed recommendations.
100% Client-Side - Analysis runs in your browser
headers_input.sh
How to get headers:
- • Browser DevTools: Network tab → Select request → Headers tab
- • cURL:
curl -I https://example.com - • Online tools: Use securityheaders.com to scan, then paste here for detailed analysis
Security Grade
-
Score:
$ cat analysis_results.json
$ cat recommendations.md
$ cat grading_system.md
| Grade | Description |
|---|---|
| A+ | All critical headers present with strong configuration |
| A | All critical headers present, minor configuration improvements possible |
| B | Most critical headers present, missing some recommended headers |
| C | Some security headers present but weak policies detected |
| D | Multiple critical headers missing |
| F | Critical security headers missing, high risk |
$ cat headers_covered.txt
Strict-Transport-Security
Forces HTTPS connections
Content-Security-Policy
Controls resource loading
X-Frame-Options
Prevents clickjacking
X-Content-Type-Options
Prevents MIME sniffing
Referrer-Policy
Controls referrer info
Permissions-Policy
Controls browser features
Disclaimer
This tool is for educational and defensive purposes only. Only test headers from systems you own or have explicit permission to test. The author is not responsible for any misuse.