在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:mozilla/http-observatory开源软件地址:https://github.com/mozilla/http-observatory开源编程语言:Python 97.7%开源软件介绍:Mozilla HTTP Observatory -The Mozilla HTTP Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it. It is split into three projects:
Scanning sites with the HTTP ObservatorySites can be scanned using:
ContributingPrerequisites
NotesThese instructions assume that you have a working Python3.7 development environment with If this is not appropriate for your environment, you may install the appropriate requirements using your OS package manager (or other means) and skip the Running a scan from the local codebase, without DB, for continuous integration# Install the HTTP Observatory
$ git clone https://github.com/mozilla/http-observatory.git
$ cd http-observatory
$ pip3 install --upgrade .
$ pip3 install --upgrade -r requirements.txt Using the local scanner function calls>>> from httpobs.scanner.local import scan
>>> scan('observatory.mozilla.org') # a scan with default options
>>> scan('observatory.mozilla.org', # all the custom options
http_port=8080, # http server runs on port 8080
https_port=8443, # https server runs on port 8443
path='/foo/bar', # don't scan /, instead scan /foo/bar
cookies={'foo': 'bar'}, # set the "foo" cookie to "bar"
headers={'X-Foo': 'bar'}, # send an X-Foo: bar HTTP header
verify=False) # treat self-signed certs as valid for tests like HSTS/HPKP The same, but with the local CLI$ httpobs-local-scan --http-port 8080 --https-port 8443 --path '/foo/bar' \
--cookies '{"foo": "bar"}' --headers '{"X-Foo": "bar"}' --no-verify mozilla.org Running a local scanner with Docker
# Install the HTTP Observatory client and requests library
$ git clone https://github.com/mozilla/http-observatory.git
$ cd http-observatory
$ pip3 install .
$ pip3 install --upgrade requests
# Create docker machine
$ docker-machine create --driver virtualbox --virtualbox-disk-size "40000" http-observatory
# Save the URL to the API in your .profile, .bash_profile, or whatever
$ echo export HTTPOBS_API_URL=http://$(docker-machine ip http-observatory):57001/api/v1 >> ~/.profile
$ . ~/.profile
# Start up the docker instance and install all the pieces
$ eval $(docker-machine env http-observatory)
$ docker-compose up -d Creating a local installation (tested on Ubuntu 15)
Authors
License
|
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论