HTTP Missing Security Headers

By kannthu

Informative
Vidoc Module
#misconfig #headers #generic
Description

What is the "HTTP Missing Security Headers" module?

The "HTTP Missing Security Headers" module is designed to detect missing security headers in HTTP responses. It targets websites and web applications that may have misconfigured or omitted important security headers. This module is informative in nature and aims to provide insights into potential security vulnerabilities.

Severity: Informative

Original Authors: socketz, geeknik, G4L1T0, convisoappsec, kurohost, dawid-czarnecki, forgedhallpass, jub0bs

Impact

The impact of missing security headers can vary depending on the specific header that is missing. Security headers play a crucial role in protecting websites and web applications against various types of attacks, such as cross-site scripting (XSS), clickjacking, and data leakage. Without these headers, the affected website or application may be more vulnerable to these types of attacks.

How does the module work?

The "HTTP Missing Security Headers" module works by sending HTTP requests to the target website or application and analyzing the headers in the response. It checks for the presence of specific security headers and evaluates whether they are missing or misconfigured.

Example of a matching condition:

!regex(`(?i)strict-transport-security`, all_headers) && status_code != 301 && status_code != 302

This condition checks if the "Strict-Transport-Security" header is missing in the response and ensures that the status code is not a redirect (301 or 302).

The module includes additional matching conditions for other security headers, such as "Content-Security-Policy", "X-Frame-Options", "X-Content-Type-Options", and more. Each condition checks for the absence of the corresponding header and verifies that the status code is not a redirect.

By running this module, you can identify potential security weaknesses in the target website or application and take appropriate measures to address them.
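The following Python script is an added illustration of the matching logic described above; it is not Vidoc's own code. It takes a raw HTTP response, splits out the status code and header block (assumed here to be what the module's all_headers operand represents), and applies the same rule as the module's DSL: a case-insensitive regex search for each header name, skipped for 301/302 responses. The header list is taken from the module preview on this page, with the names the preview truncates completed to their standard full spellings. A strict mode, added here and not part of the module, only accepts the name at the start of a header line followed by a colon, which shows one way the literal regex can be fooled by a header value that merely mentions a header name. All sample responses are constructed.

```python
import re

# Header names the module looks for (from the module preview on this page; the
# names truncated there are completed with their standard full spellings).
SECURITY_HEADERS = [
    "Strict-Transport-Security",
    "Content-Security-Policy",
    "Permissions-Policy",
    "X-Frame-Options",
    "X-Content-Type-Options",
    "X-Permitted-Cross-Domain-Policies",
    "Referrer-Policy",
    "Clear-Site-Data",
    "Cross-Origin-Embedder-Policy",
    "Cross-Origin-Opener-Policy",
    "Cross-Origin-Resource-Policy",
]

# Status codes the module's conditions exclude.
REDIRECT_CODES = {301, 302}


def parse_raw_response(raw):
    """Split a raw HTTP/1.x response into (status_code, header_block).

    header_block is the text between the status line and the blank line, which
    is assumed here to be what the module's `all_headers` operand represents.
    """
    head = raw.split("\r\n\r\n", 1)[0]
    status_line, _, header_block = head.partition("\r\n")
    status_code = int(status_line.split()[1])
    return status_code, header_block


def missing_security_headers(status_code, header_block, strict=False):
    """Return the security headers the module would report as missing.

    strict=False mirrors the module's condition literally: a case-insensitive
    regex search for the header name anywhere in the header text, skipped for
    301/302 responses. strict=True (added here, not part of the module) only
    accepts the name at the start of a header line followed by a colon, so a
    header *value* that merely mentions the name does not count as present.
    """
    if status_code in REDIRECT_CODES:
        return []
    missing = []
    for name in SECURITY_HEADERS:
        if strict:
            pattern = rf"(?im)^{re.escape(name)}\s*:"
        else:
            pattern = rf"(?i){re.escape(name)}"
        if not re.search(pattern, header_block):
            missing.append(name)
    return missing


def audit(raw, strict=False):
    """Raw response text in, list of missing security headers out."""
    status_code, header_block = parse_raw_response(raw)
    return missing_security_headers(status_code, header_block, strict=strict)


# Constructed sample responses (not captured from any real host).
RESPONSE_PARTIAL = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "\r\n"
    "<html></html>"
)

RESPONSE_REDIRECT = (
    "HTTP/1.1 302 Found\r\n"
    "Location: https://example.invalid/login\r\n"
    "\r\n"
)

# A value that mentions a header name without setting it: the literal module
# condition treats the header as present, the strict variant does not.
RESPONSE_MENTION = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "X-Note: strict-transport-security is configured upstream\r\n"
    "\r\n"
)

if __name__ == "__main__":
    samples = [("partial", RESPONSE_PARTIAL),
               ("redirect", RESPONSE_REDIRECT),
               ("mention", RESPONSE_MENTION)]
    for label, raw in samples:
        print(label, "loose:", audit(raw))
        print(label, "strict:", audit(raw, strict=True))
```

Running the script reports nine missing headers for the partial response, nothing for the redirect, and shows that the loose match accepts the X-Note value as a Strict-Transport-Security header while the strict match does not. When triaging results from the module, keep the loose behaviour in mind: a finding is reliable evidence that a header name does not appear anywhere, but a header that is "present" may still need a manual look at the actual header line and its value.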

Module preview

Concurrent Requests (0)
Passive global matcher
dsl: !regex(`(?i)strict-transport-security`, ... or
dsl: !regex(`(?i)content-security-policy`, al... or
dsl: !regex(`(?i)permissions-policy`, all_hea... or
dsl: !regex(`(?i)x-frame-options`, all_header... or
dsl: !regex(`(?i)x-content-type-options`, all... or
dsl: !regex(`(?i)x-permitted-cross-domain-pol... or
dsl: !regex(`(?i)referrer-policy`, all_header... or
dsl: !regex(`(?i)clear-site-data`, all_header... or
dsl: !regex(`(?i)cross-origin-embedder-policy... or
dsl: !regex(`(?i)cross-origin-opener-policy`,... or
dsl: !regex(`(?i)cross-origin-resource-policy...
On match action
Report vulnerability