🔍 Introduction

Keeping your website secure starts with understanding how it's exposed. This Python script helps you analyze two major aspects of web security:

• 🚨 Missing HTTP Security Headers
• 🔒 SSL Certificate Details

With just a few lines of code, you can perform a quick sacn of any website and identify potential weaknesses that hackers might exploit.

🔐 What Are Security Headers?

Security headers are HTTP response headers that provide browsers with information on how to behave securely when interacting with a site. The script checks for the following headers:

• Content-Security-Policy -> Prevents XSS attacks

• Strict-Transport-Security -> Enforces HTTPS connections

• X-Content-Type-Options -> Blocks MIME type sniffing

• X-Frame-Options -> Protects against clickjacking via iframes

• X-XSS-Protection -> Enables browser XSS filters

• Referer-Policy -> Controls how referrer information is sent

• Permissions-Policy -> Restricts access to APIs (e.g., camera, mic)

💻 Python Code to Scan a Website

Below is the complete code:

📦 Requirements

pip install requests

📊 Example Output

⚠️ Important Notes

• This script is for educational and internal security auditing purposes only.
  Never scan domains without permission. Unauthorized scanning may be illegal.