SecHeaders

Rambou Tools
Rating: 3 (6 Ratings)
Downloads: 1K+
Version: 1.0
Release date: Oct 12, 2015
File size: 1.3 MB
Price: Free

About SecHeaders Android App

An app that takes some websites as input and then gathers, filters, visualizes and generates statistics on their security headers. It started as a mini-project for the course "Mobile and Wireless Networks Security" at the Department of Information & Communication Systems Engineering, University of Aegean. So don't expect anything fancy, lads. Also, the project was built with the Android Studio IDE; if you want, you can import it into Eclipse (it needs to be converted).
The app filters all response headers to find the security-related ones. The ones that will be filtered are 10 and are listed below.

* Access Control Allow Origin - When Site A tries to fetch content from Site B, Site B can send an Access-Control-Allow-Origin response header to tell the browser that the content of this page is accessible to certain origins.
* Content Security Policy (CSP) - Helps detect/prevent XSS, mixed-content, and other classes of attack. CSP 1.1 Specification.
* Cross Domain Meta Policy - Tells Flash and PDF files which Cross Domain Policy files found on your site can be obeyed; yes, it's a policy about other policies!
* Server Information - Who has a need to know what type of server you're running?
* UTF-8 Character Encoding - Minimizes the likelihood that malicious character conversion could happen.
* X-Frame-Options (XFO) - Prevents your content from being framed and potentially clickjacked. X-Frame-Options draft.
* X-Powered-By - Who has a need to know what software version you're running?
* X-XSS-Protection - Cross-site scripting heuristic filter for IE/Chrome.
* X-Content-Type-Options - Prevents content type sniffing ("nosniff").
* X-Download-Options - Prevents file downloads from opening.
* HTTP Strict Transport Security (HSTS) - Ensures the browser never visits the http version of a website. Protects against SSLStrip/Firesheep attacks. HSTS Specification.
* Secure Cookies - Ensure that the server knows the client. Checks the use of Set-Cookie2 alongside the insecure Set-Cookie.
* X-Pingback - Header for blogs: a URL that allows other sites that link to the site, or to one of its articles, to tell the site that they linked to it. It has been used for DDoS attacks, so consider that before adding it.
* P3P - Header for the Platform for Privacy Preferences.
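
The filter-then-count step described above can be sketched as follows. This is an added example, not the app's own code: the responses are constructed, and the mapping from list items to header names, the `charset-utf-8` and cookie keys, and judging cookies by the `Secure` attribute are assumptions.

```python
from collections import Counter

# Header names for the items in the list above, lower-cased for matching.
SECURITY_HEADERS = {
    "access-control-allow-origin", "content-security-policy",
    "x-permitted-cross-domain-policies", "server", "x-frame-options",
    "x-powered-by", "x-xss-protection", "x-content-type-options",
    "x-download-options", "strict-transport-security", "x-pingback", "p3p",
}
DISCLOSURE = {"server", "x-powered-by"}  # presence reveals software details

def filter_security(headers):
    """Reduce (name, value) pairs to the security-relevant findings."""
    found, cookies = {}, []
    for name, value in headers:
        key = name.strip().lower()
        if key in SECURITY_HEADERS:
            found[key] = value.strip()
        elif key == "content-type" and "charset=utf-8" in value.lower().replace(" ", ""):
            found["charset-utf-8"] = value.strip()
        elif key == "set-cookie":
            # Attributes follow the first ';'; one cookie per Set-Cookie header.
            attrs = {a.strip().lower() for a in value.split(";")[1:]}
            cookies.append("secure" in attrs)
    if cookies:  # a single cookie without Secure makes the whole site "insecure"
        found["secure-cookies" if all(cookies) else "insecure-cookies"] = len(cookies)
    return found

def statistics(sites):
    """Count, per finding, how many of the given sites show it."""
    counts = Counter()
    for headers in sites.values():
        counts.update(filter_security(headers).keys())
    return counts

def disclosures(headers):
    """Headers a site sends that only disclose information."""
    return sorted(DISCLOSURE.intersection(filter_security(headers)))

SAMPLE = {  # constructed responses, not real measurements
    "a.example": [("Server", "nginx"), ("Content-Type", "text/html; charset=UTF-8"),
                  ("Strict-Transport-Security", "max-age=31536000"),
                  ("X-Frame-Options", "DENY"), ("Set-Cookie", "sid=1; Secure; HttpOnly")],
    "b.example": [("Server", "Apache"), ("X-Powered-By", "PHP"),
                  ("Content-Type", "text/html"), ("Set-Cookie", "sid=2; Path=/")],
}

if __name__ == "__main__":
    for name, count in statistics(SAMPLE).most_common():
        print(f"{name}: {count}/{len(SAMPLE)} sites")
```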

Other Information:

Package Name:
Requires Android: Android 4.1+ (Jelly Bean, API 16)
Other Sources:
Category:

Download

This version of the SecHeaders Android app comes with one universal variant, which works on all Android devices.

Variant: 1 (Oct 12, 2015)
Architecture: Unlimited
Minimum OS: Android 4.1+ (Jelly Bean, API 16)
Screen DPI: nodpi (all screens)

All Versions

If you are looking to download other versions of the SecHeaders Android app, we have 1 version in our database. Please select one of them below to download.
