pshtt
pshtt copied to clipboard
cisagov
Scan domains and return data based on HTTPS best practices
# π Feature Proposal Verify Certificate Transparency Logging on a given website ## Motivation Compliance with agency security directives ## Example Boolean yes/no check on whether Certificate Transparency Logs are...
Hi, users are unable to run **_pshtt_** due to dependency conflict with _**cryptography**_ package. As shown in the following full dependency graph of **_pshtt_**, **_pyopenssl_** requires _**cryptography >=2.8**_οΌwhile **_sslyze_** requires...
This PR would update the `hsts_check()` function's method of processing the HSTS header. Currently we do not closely conform to RFCs 7230 and 6797 with regard to valid header formats....
# π Bug Report pshtt sometimes returns `None` for the `Valid HTTPS` field. Originally reported by @climber-girl. ## To Reproduce This error is difficult to reproduce. It happened with the...
# π Bug Report A clear and concise description of what the bug is. ## To Reproduce Steps to reproduce the behavior: Install pshtt on CentOS 7.7. Run test against...
Work-in-progress: DO NOT MERGE!! This PR is to fix #194 by checking both https and httpswww endpoints to determine HSTS status for the domain.
# π Bug Report Consider the function `hsts_check()` in `pshtt/pshtt.py`. It's not just a bad hostname that should cause the HSTS header to be ignored. It is also ignored if...
# π Bug Report The current pshtt logic that examines the HSTS headers gives credit if any HSTS header encountered in the redirect chain involves the initial endpoint/hostname. If the...
While looking at egeo.usss.gov for HTTPS/HSTS issues per customer request for assistance to understand why 'Enforces HTTPS' was failing (based on the most recent code change we made here: https://github.com/cisagov/pshtt/pull/192,...
# π Bug Report When performing pshtt scanning, sometimes we get an error in AWS Lambda stating "other requests response exception". In this case we do not receive scan results...