import requests
# Function to analyze HTTP headers
def analyze_headers(url):
try:
response = requests.get(url)
headers = response.headers
print(f"HTTP Headers for {url}:\n")
for header, value in headers.items():
print(f"{header}: {value}")
# Check for common security headers
security_headers = [
'Content-Security-Policy',
'X-Content-Type-Options',
'X-Frame-Options',
'X-XSS-Protection',
'Strict-Transport-Security',
'Referrer-Policy',
'Feature-Policy',
]
print("\nSecurity Header Analysis:")
for header in security_headers:
if header in headers:
print(f"[+] {header} is present.")
else:
print(f"[-] {header} is missing.")
except requests.exceptions.RequestException as e:
print(f"Error fetching headers: {e}")
if __name__ == "__main__":
target_url = input("Enter the URL to analyze (e.g., http://example.com): ")
analyze_headers(target_url)