EasyScan is a Python script that analyzes the security of a given website by inspecting its HTTP headers, DNS records, and other configurations. The script generates a security report with a score, grade, and recommendations for addressing potential vulnerabilities.
The script covers the following test cases:
- SSL/TLS Verification: Checks if the site uses HTTPS, validates the certificate, and reports expiry (warns if fewer than 30 days remain).
- Same Site Scripting: Checks for a `Referrer-Policy` header and a `referrer` meta tag.
- SPF Records: Checks for Sender Policy Framework records.
- DMARC Records: Checks for Domain-based Message Authentication, Reporting, and Conformance records.
- DNS CAA Records: Checks for Certificate Authority Authorization records that restrict certificate issuance.
- Public Admin Pages: Scans for common admin paths (e.g., `/admin`, `/wp-admin`, `/phpmyadmin`, `/cpanel`).
- Directory Listing: Checks common directories (`/images`, `/uploads`, `/files`, etc.) for exposed directory listings.
- Security Headers: Checks for CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Permissions-Policy, Referrer-Policy, and more.
- Cookie Security: Checks all `Set-Cookie` headers for the `Secure`, `HttpOnly` and `SameSite` attributes and the `__Secure-`/`__Host-` prefixes.
- Information Disclosure: Checks for `Server`, `X-Powered-By` and `X-AspNet-Version` headers.
- CORS Misconfigurations: Checks for insecure `Access-Control-Allow-Origin` settings and wildcard + credentials conflicts.
- Content-Type Sniffing: Checks for mismatched content types and a missing `Content-Type` header.
- Cache Control: Checks for insecure or missing cache settings.
- Robots.txt Analysis: Scans `robots.txt` for potentially sensitive disallowed paths.
- HTTP Methods: Sends `OPTIONS` requests to detect dangerous verbs (`TRACE`, `DELETE`, `PUT`, `CONNECT`).
- Sensitive File Exposure: Probes for `.git/config`, `.env`, `.htaccess`, `backup.sql`, `wp-config.php.bak`, and more.
- Subresource Integrity (SRI): Scans external `<script>` and `<link>` tags for missing `integrity` attributes.
- Mixed Content: Detects `http://` resource URLs loaded on HTTPS pages.
- Email Address Exposure: Scans the page source for exposed email addresses.
- Clickjacking: Checks both `X-Frame-Options` and the CSP `frame-ancestors` directive for clickjacking protection.
- Host Header Injection: Tests whether a forged `Host` header is reflected in redirects or the response body.
- Open Redirect: Tests common URL parameters (`url`, `next`, `redirect`, `return`, etc.) for open redirect vulnerabilities.
- JavaScript Library Versions: Detects outdated jQuery, AngularJS, Bootstrap, Lodash, and Handlebars versions from the page source.
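The header-level test cases above (security headers, cookie attributes, CORS, clickjacking, information disclosure) can all be evaluated offline from one response's raw header lines. The following is an added example written for this page, not EasyScan's own code: it takes a list of `(name, value)` header pairs (for `requests`, `response.raw.headers.items()` keeps repeated `Set-Cookie` lines separate) and returns `(check, status, severity)` findings. The severities, the finding shape and `SAMPLE_HEADERS` are this example's assumptions and do not reproduce EasyScan's scoring.

```python
"""Offline header audit covering EasyScan's security-header, cookie, CORS and
clickjacking test cases.  Added example, not EasyScan's own code: severities,
the (check, status, severity) finding shape and SAMPLE_HEADERS are assumptions."""
from typing import Dict, List, Tuple

Finding = Tuple[str, str, str]  # (check, status, severity)
ONE_YEAR = 31536000  # HSTS max-age that preload lists and hardening guides expect

def parse_set_cookie(value: str) -> Tuple[str, Dict[str, str]]:
    """Return (cookie name, {lower-cased attribute: value}) for one Set-Cookie line."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs: Dict[str, str] = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs

def check_cookie(value: str) -> List[Finding]:
    name, attrs = parse_set_cookie(value)
    check, out = f"Cookie {name}", []
    if "secure" not in attrs:
        out.append((check, "Missing Secure", "Medium"))
    if "httponly" not in attrs:
        out.append((check, "Missing HttpOnly", "Medium"))
    if attrs.get("samesite", "").lower() not in ("strict", "lax"):
        out.append((check, "SameSite missing or None", "Low"))
    # Prefix rules: __Host- needs Secure, Path=/ and no Domain; __Secure- needs Secure.
    if name.startswith("__Host-"):
        if "secure" not in attrs or attrs.get("path") != "/" or "domain" in attrs:
            out.append((check, "__Host- prefix requirements not met", "High"))
    elif name.startswith("__Secure-") and "secure" not in attrs:
        out.append((check, "__Secure- prefix without Secure", "High"))
    return out

def csp_directive(csp: str, directive: str) -> List[str]:
    """Return the source list of one CSP directive, or [] if it is absent."""
    for part in csp.split(";"):
        tokens = part.split()
        if tokens and tokens[0].lower() == directive:
            return tokens[1:]
    return []

def audit_headers(headers: List[Tuple[str, str]]) -> List[Finding]:
    """Headers are (name, value) pairs so repeated Set-Cookie lines survive."""
    single = {n.lower(): v for n, v in headers if n.lower() != "set-cookie"}
    out: List[Finding] = []
    hsts = single.get("strict-transport-security")
    if hsts is None:
        out.append(("Strict-Transport-Security", "Missing", "Medium"))
    else:
        max_age = 0
        for d in hsts.split(";"):
            key, _, val = d.strip().partition("=")
            if key.lower() == "max-age" and val.strip().isdigit():
                max_age = int(val)
        if max_age < ONE_YEAR:
            out.append(("Strict-Transport-Security", f"max-age {max_age} below one year", "Low"))

    csp = single.get("content-security-policy", "")
    if not csp:
        out.append(("Content-Security-Policy", "Missing", "Medium"))
    # frame-ancestors takes precedence over X-Frame-Options when both are present.
    ancestors = csp_directive(csp, "frame-ancestors")
    xfo = single.get("x-frame-options", "").strip().upper()
    if "*" in ancestors:
        out.append(("Clickjacking", "frame-ancestors allows any origin", "High"))
    elif not ancestors and xfo not in ("DENY", "SAMEORIGIN"):
        out.append(("Clickjacking", "No Protection", "High"))

    # Browsers refuse '*' with credentials, so this is a broken policy, not a direct exploit.
    acao = single.get("access-control-allow-origin", "").strip()
    if acao == "*" and single.get("access-control-allow-credentials", "").strip().lower() == "true":
        out.append(("CORS", "Wildcard origin with credentials", "High"))

    for h in ("server", "x-powered-by", "x-aspnet-version"):
        if h in single:
            out.append((h, f"Discloses '{single[h]}'", "Low"))
    for n, v in headers:
        if n.lower() == "set-cookie":
            out.extend(check_cookie(v))
    return out

SAMPLE_HEADERS = [  # constructed for this example, not captured from a real site
    ("Server", "nginx/1.18.0"),
    ("Strict-Transport-Security", "max-age=300"),
    ("Content-Security-Policy", "default-src 'self'; frame-ancestors *"),
    ("Access-Control-Allow-Origin", "*"),
    ("Access-Control-Allow-Credentials", "true"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "__Host-csrf=xyz; Secure; Path=/; Domain=example.com; SameSite=Strict"),
]

if __name__ == "__main__":
    for check, status, severity in audit_headers(SAMPLE_HEADERS):
        print(f"[{severity}] {check}: {status}")
```

Two details worth keeping when adapting this: `frame-ancestors` in a CSP header overrides `X-Frame-Options`, so a permissive `frame-ancestors *` is a finding even when `X-Frame-Options: DENY` is also sent, and a `__Host-` cookie that carries a `Domain` attribute is silently discarded by browsers, which usually means the application is not getting the cookie it thinks it set.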
EasyScan requires Python 3.6+ and the following libraries:

- `requests`
- `beautifulsoup4`
- `dnspython`
- `certifi`

You can install these dependencies using the provided `requirements.txt` file:

```
pip install -r requirements.txt
```

To use the EasyScan script, follow these steps:

1. Clone the repository or save the code to a file named `easyscan.py`.
2. Install the dependencies:

```
pip install -r requirements.txt
```

3. Run the script. You can pass the URL as a command-line argument or enter it when prompted:

```
python3 easyscan.py [url]
```
| Flag | Description |
|---|---|
| `url` | Positional argument. The URL to scan (e.g. `example.com` or `https://example.com`). |
| `--json` | Output results as JSON to stdout. |
| `--output FILE` / `-o FILE` | Save the report to a specific file. |
| `--timeout SECS` / `-t SECS` | Set the request timeout in seconds (default: 10). |
| `--verbose` / `-v` | Enable debug-level logging output. |
Basic scan:

```
python3 easyscan.py example.com
```

Scan with JSON output saved to a file:

```
python3 easyscan.py example.com --json --output report.json
```

Scan with a longer timeout and verbose logging:

```
python3 easyscan.py https://example.com --timeout 20 --verbose
```

Use the `--json` flag to get structured JSON output, which is useful for integration with other tools:

```
python3 easyscan.py example.com --json
```

The JSON report includes a score object with the aggregate score (0-100), a letter grade (A-F), severity counts, and all findings.
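As an added example of that integration (written for this page, not part of EasyScan), the script below gates a CI job on a saved report: it recomputes the severity counts from the findings list, fails on any Critical or High finding, and fails when the score drops below a threshold. The README only says the JSON carries a score object (score, grade, severity counts) and the findings, so the key names read here (`score`, `grade`, `findings`, `severity`), the thresholds, and `SAMPLE_REPORT` are this example's assumptions; map them onto the report EasyScan actually produces.

```python
"""CI gate over an EasyScan JSON report (python3 easyscan.py host --json > report.json).

Added example, not part of EasyScan.  Key names, thresholds and SAMPLE_REPORT are
assumptions made for this example; adjust them to the real report layout."""
import json
import sys
from collections import Counter
from typing import Dict, List, Tuple

MIN_SCORE = 70                   # assumed policy: block the build below this score
BLOCKING = ("critical", "high")  # assumed policy: block on any finding of these severities

SAMPLE_REPORT = {  # constructed to mirror the README's sample report; not real tool output
    "url": "http://example.com",
    "score": {"score": 55, "grade": "C"},
    "findings": [
        {"name": "SSL/TLS", "status": "Missing", "severity": "Critical"},
        {"name": "Clickjacking", "status": "No Protection", "severity": "High"},
        {"name": "Public Admin Page (/admin)", "status": "Accessible", "severity": "High"},
        {"name": "Content-Security-Policy", "status": "Missing", "severity": "Medium"},
        {"name": "SPF Record", "status": "Missing", "severity": "Low"},
    ],
}


def evaluate(report: Dict, min_score: int = MIN_SCORE,
             blocking: Tuple[str, ...] = BLOCKING) -> Tuple[bool, List[str], Counter]:
    """Return (passed, reasons for failing, severity counts recomputed from the findings).

    Counting the findings ourselves means the gate does not trust the report's own
    summary block, which matters if a report is truncated or edited in transit."""
    findings = report.get("findings", [])
    counts = Counter(str(f.get("severity", "")).lower() for f in findings)
    score = int(report.get("score", {}).get("score", 0))
    reasons = [f"{counts[s]} {s} finding(s)" for s in blocking if counts[s]]
    if score < min_score:
        reasons.append(f"score {score} below threshold {min_score}")
    return not reasons, reasons, counts


def main(argv: List[str]) -> int:
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            report = json.load(fh)
    else:
        report = SAMPLE_REPORT  # no file given: run against the constructed sample
    passed, reasons, counts = evaluate(report)
    grade = report.get("score", {}).get("grade", "?")
    print(f"grade {grade}, counts {dict(counts)}")
    for reason in reasons:
        print("FAIL:", reason)
    return 0 if passed else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python3 gate.py report.json` after the scan; the non-zero exit status is what a pipeline step keys on, and the printed reasons tell the developer which finding blocked the build.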
Example report output:

```
================================================================================================================================================================
                                                            SECURITY REPORT
================================================================================================================================================================
Header                               Status            Severity    Recommendation
================================================================================================================================================================
[CRI] SSL/TLS                        Missing           Critical    The site is not using HTTPS. Implement SSL/TLS to encrypt data in transit.
[HI]  Clickjacking                   No Protection     High        Set 'X-Frame-Options: DENY' or CSP 'frame-ancestors' directive to prevent clickjacking.
[HI]  Public Admin Page (/admin)     Accessible        High        Restrict access to /admin to specific IP addresses and/or enable authentication.
[MED] Content-Security-Policy        Missing           Medium      Implement a Content Security Policy (CSP) to prevent XSS and code injection attacks.
[MED] Strict-Transport-Security      Missing           Medium      Implement Strict Transport Security (HSTS) to enforce secure connections.
[MED] Permissions-Policy             Missing           Medium      Set a 'Permissions-Policy' header to restrict browser features (camera, microphone, geolocation).
[LOW] SPF Record                     Missing           Low         Add an SPF record to your domain's DNS settings to help prevent email spoofing.
[INF] Meta Referrer                  Missing           Low         Add a 'referrer' META tag with 'no-referrer' to prevent leaking referrer information.
============================================================
SECURITY SCORE: 55/100 (Grade: C)
============================================================
Total Issues : 8
Critical     : 1
High         : 2
Medium       : 4
Low          : 1
Info         : 0
============================================================
```
Keep in mind that the script does not cover every security scenario; its findings are a starting point, and a thorough security assessment of your website is still recommended.

EasyScan is also available at https://easyscan.onrender.com/

If you have any questions or need a full security audit, please reach out on Twitter @0xdevrel.