#!/usr/bin/env python3
"""
Quick Security Headers Test

Quick check for missing HTTP security response headers.
"""
import requests
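def quick_security_test():
    """Report which common HTTP security response headers each endpoint omits.

    Sends one GET request per entry in ``endpoints`` to the hard-coded
    ``target`` and prints, per endpoint and then in aggregate, the checklist
    headers that were absent from the response.

    Strict-Transport-Security is only evaluated when the final response was
    served over HTTPS. User agents ignore that header on plain HTTP
    (RFC 6797), so reporting it as missing there would be a false finding.

    Returns:
        None. All results are printed to stdout.
    """
    from collections import Counter

    print("=== اختبار سريع لرؤوس الأمان ===")
    target = "http://httpbin.org"
    endpoints = ["/api/v1", "/api/v2", "/api", "/rest", "/rest/api"]

    hsts = 'Strict-Transport-Security'
    # NOTE: X-XSS-Protection is deprecated and ignored by current browsers, so
    # its absence is a low-signal finding. It stays on the list to keep the
    # existing report shape.
    checked_headers = (
        'X-Frame-Options',
        'X-Content-Type-Options',
        'X-XSS-Protection',
        hsts,
        'Content-Security-Policy',
    )
    missing_counts = Counter()

    for endpoint in endpoints:
        print(f"\n[*] اختبار: {target}{endpoint}")
        try:
            response = requests.get(f"{target}{endpoint}", timeout=5)
        except requests.RequestException as e:
            # Only transport/HTTP-level failures are expected here; anything
            # else is a programming error and should surface.
            print(f"[-] خطأ: {e}")
            continue

        # NOTE: the status code is not checked, so headers of error responses
        # (e.g. a 404 page) are evaluated the same way as successful ones.
        headers = response.headers
        # requests follows redirects, so response.url is the final URL.
        served_over_tls = response.url.lower().startswith("https://")

        missing = [
            name
            for name in checked_headers
            if name not in headers and (name != hsts or served_over_tls)
        ]

        if missing:
            print(f"[!] رؤوس مفقودة: {', '.join(missing)}")
            missing_counts.update(missing)
        else:
            print("[✓] جميع الرؤوس المهمة موجودة")

    # Final report: how many endpoints lacked each header.
    print(f"\n{'='*50}")
    print("=== تقرير اختبار رؤوس الأمان ===")
    if missing_counts:
        print("[!] تم تأكيد وجود رؤوس أمان مفقودة:")
        for header, count in missing_counts.items():
            print(f" • {header}: مفقودة في {count} نقاط نهاية")
    else:
        print("[✓] لم يتم العثور على رؤوس مفقودة")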
# Run the header check only when executed as a script, not on import.
if __name__ == "__main__":
    quick_security_test()