owasp secure headers project

www-project-secure-headers

Wiki

The OWASP Secure Headers Project

⭐ 140

🍴 38

🐛 2

👥 19

Primary Language: Python

License: Apache License 2.0

Last Commit: Dec 29, 2024

Updated 3 weeks, 4 days ago

Website View on GitHub

oshp-stats

Stats about HTTP response security headers usage mentioned by the OSHP.

⭐ 13

🍴 4

🐛 0

👥 4

Primary Language: Python

License: GNU General Public License v3.0

Last Commit: Dec 02, 2024

Updated 1 month ago

Website View on GitHub

headers

An application to catch, search and analyze HTTP secure headers.

⭐ 64

🍴 9

🐛 7

👥 4

Primary Language: Python

License: GNU General Public License v2.0

Last Commit: Jun 02, 2021

Updated 1 month, 1 week ago

Website View on GitHub

headers-ui-container

An easy way to up and running a web interface to navigate in data collected by headers core script.

⭐ 2

🍴 2

🐛 0

👥 1

Primary Language: PHP

License: Apache License 2.0

Last Commit: Mar 24, 2017

Updated 2 months, 3 weeks ago

View on GitHub

venom

🐍 Manage and run your integration tests with efficiency - Venom run executors (script, HTTP Request, web, imap, etc... ) and assertions

⭐ 1,068

🍴 143

🐛 25

👥 80

Primary Language: Go

License: Apache License 2.0

Last Commit: Oct 15, 2024

Latest Release: Venom v1.2.0 (Mar 29, 2024)

Updated 1 month ago

View on GitHub

oshp-validator

Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.

⭐ 104

🍴 20

🐛 0

👥 4

Primary Language: Python

License: GNU General Public License v3.0

Last Commit: Dec 03, 2024

Updated 3 weeks, 6 days ago

Website View on GitHub

oshp-tracking

Repository used to organize freely the work on the OSHP projects.

⭐ 3

🍴 1

🐛 2

👥 1

License: GNU General Public License v3.0

Last Commit: Dec 18, 2024

Updated 1 month ago

Website View on GitHub

atmosphere

Event Driven WebSockets Framework with Cross-Browser Fallbacks

⭐ 3,703

🍴 751

🐛 41

👥 173

Primary Language: Java

Last Commit: Nov 07, 2024

Updated 3 weeks, 4 days ago

Website View on GitHub

incubator-pagespeed-mod

Apache module for rewriting web pages to reduce latency and bandwidth.

⭐ 694

🍴 156

🐛 526

👥 58

Primary Language: C++

License: Apache License 2.0

Last Commit: Apr 21, 2023

Latest Release: 1.9.32.11 (Dec 09, 2015)

Updated 1 month, 1 week ago

Website View on GitHub

incubator-pagespeed-ngx

Automatic PageSpeed optimization module for Nginx

⭐ 4,364

🍴 361

🐛 354

👥 45

Primary Language: C++

License: Apache License 2.0

Last Commit: Apr 21, 2023

Latest Release: 1.9.32.10 (Oct 09, 2015)

Updated 1 month ago

Website View on GitHub

nmap

Nmap - the Network Mapper. Github mirror of official SVN repository.

⭐ 10,410

🍴 2,432

🐛 636

👥 61

Primary Language: C

License: Other

Last Commit: Dec 19, 2024

Updated 3 weeks, 2 days ago

Website View on GitHub

csp-evaluator

⭐ 337

🍴 46

🐛 15

👥 12

Primary Language: TypeScript

License: Apache License 2.0

Last Commit: Oct 29, 2024

Updated 3 weeks, 5 days ago

Website View on GitHub

secure_headers

Manages application of security headers with many safe defaults

⭐ 3,163

🍴 253

🐛 22

👥 104

Primary Language: Ruby

License: MIT License

Last Commit: Dec 30, 2024

Latest Release: v7.1.0 (Dec 16, 2024)

Updated 3 weeks, 2 days ago

View on GitHub

webappsec-clear-site-data

WebAppSec Clear Site Data

⭐ 19

🍴 21

🐛 35

👥 14

Primary Language: HTML

License: Other

Last Commit: Feb 07, 2024

Updated 2 months, 2 weeks ago

Website View on GitHub

xsleaks

A collection of browser-based side channel attack vectors.

⭐ 745

🍴 49

🐛 0

👥 5

License: Apache License 2.0

Last Commit: Mar 19, 2024

Updated 1 month, 1 week ago

View on GitHub

webappsec-permissions-policy

A mechanism to selectively enable and disable browser features and APIs

⭐ 400

🍴 156

🐛 91

👥 64

Primary Language: Bikeshed

License: Other

Last Commit: Sep 25, 2024

Updated 1 month ago

Website View on GitHub

hsecscan

A security scanner for HTTP response headers.

⭐ 295

🍴 77

🐛 0

👥 3

Primary Language: Python

License: GNU General Public License v2.0

Last Commit: Dec 24, 2022

Updated 3 weeks, 2 days ago

View on GitHub

humble

A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.

⭐ 296

🍴 20

🐛 1

👥 2

Primary Language: Python

License: MIT License

Last Commit: Dec 29, 2024

Latest Release: 1.44 (Dec 04, 2024)

Updated 3 weeks, 4 days ago

Website View on GitHub

http-observatory

Mozilla HTTP Observatory

⭐ 1,859

🍴 170

🐛 73

👥 28

Primary Language: Python

License: Mozilla Public License 2.0

Last Commit: Oct 22, 2024

Updated 3 weeks, 5 days ago

Website View on GitHub

http-observatory-website

Mozilla Observatory (Website)

⭐ 307

🍴 54

🐛 59

👥 18

Primary Language: HTML

License: Mozilla Public License 2.0

Last Commit: Oct 21, 2024

Updated 1 month, 3 weeks ago

Website View on GitHub

testssl.sh

Testing TLS/SSL encryption anywhere on any port

⭐ 8,081

🍴 1,029

🐛 252

👥 137

Primary Language: Shell

License: GNU General Public License v2.0

Last Commit: Dec 06, 2024

Latest Release: Release version 3.2rc3 (Oct 10, 2023)

Updated 3 weeks, 3 days ago

Website View on GitHub

DrHeader

drHEADer helps with the audit of security headers received in response to a single request or a list of requests.

⭐ 109

🍴 28

🐛 9

👥 22

Primary Language: Python

License: MIT License

Last Commit: Dec 23, 2024

Latest Release: Release v2.0.0 (Oct 31, 2023)

Updated 1 month ago

View on GitHub

NetEscapades.AspNetCore.SecurityHeaders

Small package to allow adding security headers to ASP.NET Core websites

⭐ 707

🍴 73

🐛 3

👥 19

Primary Language: C#

License: MIT License

Last Commit: Nov 01, 2024

Updated 1 month ago

View on GitHub

secure_headers

Manages application of security headers with many safe defaults

⭐ 3,163

🍴 253

🐛 22

👥 104

Primary Language: Ruby

License: MIT License

Last Commit: Dec 30, 2024

Latest Release: v7.1.0 (Dec 16, 2024)

Updated 3 weeks, 2 days ago

View on GitHub

SecureHeaders

A PHP library aiming to make the use of browser security features more accessible.

⭐ 428

🍴 20

🐛 12

👥 5

Primary Language: PHP

License: MIT License

Last Commit: Nov 17, 2023

Latest Release: SecureHeaders v2.0: The We ❤️ Frameworks Edition (Aug 28, 2017)

Updated 1 month, 1 week ago

View on GitHub

secure-headers

PHP Secure Headers

⭐ 509

🍴 45

🐛 1

👥 15

Primary Language: PHP

License: MIT License

Last Commit: Dec 16, 2024

Updated 1 month ago

View on GitHub

rack-secure_headers

Security related headers for Rack applications

⭐ 20

🍴 3

🐛 1

👥 4

Primary Language: Ruby

License: MIT License

Last Commit: Jun 16, 2021

Latest Release: 0.0.2 (Oct 01, 2015)

Updated 1 year, 5 months ago

View on GitHub

helmet

Help secure Express apps with various HTTP headers

⭐ 10,281

🍴 368

🐛 3

👥 52

Primary Language: TypeScript

License: MIT License

Last Commit: Sep 28, 2024

Updated 3 weeks, 2 days ago

Website View on GitHub

ember-cli-content-security-policy

⭐ 158

🍴 51

🐛 7

👥 37

Primary Language: JavaScript

License: MIT License

Last Commit: Dec 01, 2024

Latest Release: Release 2.0.3 (Jan 02, 2022)

Updated 3 months, 1 week ago

View on GitHub

blankie

a hapi CSP plugin

⭐ 52

🍴 16

🐛 7

👥 9

Primary Language: JavaScript

Last Commit: May 22, 2023

Updated 11 months ago

View on GitHub

django-csp

Content Security Policy for Django.

⭐ 572

🍴 106

🐛 16

👥 62

Primary Language: Python

License: BSD 3-Clause "New" or "Revised" License

Last Commit: Dec 15, 2024

Latest Release: 3.8 (Mar 01, 2024)

Updated 4 weeks ago

Website View on GitHub

django-security

A collection of models, views, middlewares, and forms to help secure a Django project.

⭐ 275

🍴 48

🐛 3

👥 39

Primary Language: Python

License: BSD 4-Clause "Original" or "Old" License

Last Commit: Sep 09, 2024

Latest Release: 1.0.4 (Aug 21, 2024)

Updated 2 months, 2 weeks ago

View on GitHub

secure

Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

⭐ 910

🍴 27

🐛 4

👥 9

Primary Language: Python

License: MIT License

Last Commit: Oct 18, 2024

Latest Release: v1.0.1 - Performance Improvements for Secure.set_headers (Oct 18, 2024)

Updated 1 month ago

View on GitHub

helmet

HTTP security middleware for Go(lang) inspired by HelmetJS.

⭐ 34

🍴 3

🐛 0

👥 2

Primary Language: Go

License: MIT License

Last Commit: Jul 23, 2022

Latest Release: v1.0.2 (Apr 03, 2022)

Updated 5 months, 1 week ago

View on GitHub

webappsec-permissions-policy

A mechanism to selectively enable and disable browser features and APIs

⭐ 400

🍴 156

🐛 91

👥 64

Primary Language: Bikeshed

License: Other

Last Commit: Sep 25, 2024

Updated 1 month ago

Website View on GitHub

Chat with BLT Bot

OWASP

owasp secure headers project

Project View Count Badge

Associated Repositories

www-project-secure-headers

oshp-stats

headers

headers-ui-container

venom

oshp-validator

oshp-tracking

atmosphere

incubator-pagespeed-mod

incubator-pagespeed-ngx

nmap

csp-evaluator

secure_headers

webappsec-clear-site-data

xsleaks

webappsec-permissions-policy

hsecscan

humble

http-observatory

http-observatory-website

testssl.sh

DrHeader

NetEscapades.AspNetCore.SecurityHeaders

secure_headers

SecureHeaders

secure-headers

rack-secure_headers

helmet

ember-cli-content-security-policy

blankie

django-csp

django-security

secure

helmet

webappsec-permissions-policy

Project Timeline