There are 1 repository under hsts topic.
⚙️ NGINX config generator on steroids 💉
Testing TLS/SSL encryption anywhere on any port
Manages application of security headers with many safe defaults
An upgradable boilerplate for Progressive web applications (PWA) with server side rendering, build with SEO in mind and achieving max page speed and optimized user experience.
:lock: Chromium's HSTS preload list submission website.
Scan domains and return data based on HTTPS best practices
PHP Secure Headers
A PHP library aiming to make the use of browser security features more accessible.
Check any website (or set of websites) for insecure security headers.
An automated Wireless RogueAP MITM attack framework.
🔒🔍 A Go package to scan sites against requirements for Chromium-maintained HSTS preload list.
CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.
Internet standards compliance test suite
NGINX Module for sending security headers
Forced Man-In-The-Middle HTTPs-Avoiding Reverse Proxy
Module for Nuxt.js to configure security headers and more
Lib.Web.Mvc is a library which contains some helper classes for ASP.NET MVC such as strongly typed jqGrid helper, attribute and helper providing support for HTTP/2 Server Push with Cache Digest, attribute and helpers providing support for Content Security Policy Level 2, FileResult providing support for Range Requests, action result and helper providing support for XSL transformation and more.
nodejs + express security and performance boilerplate.
IIS module for configuring and injecting the HSTS into IIS sites.
Lib.AspNetCore.Security is a library which provides security features like Content Security Policy, Strict Transport Security or Expect-CT for ASP.NET Core
http://testssl.sh/ in a tiny docker container
Fully-featured tool that combines state-of-the-art TLS analyzers with a report system that suggests appropriate mitigations and shows the full set of viable attacks.
A tiny (5.59Mb light standalone binary) static web server with customizable behavior, secure and monitored by default.
This plugin provides native SSL instrumentation for monitoring, including: hostname and chain verification, cert expiry, and Qualys SSL Labs reporting
:lock: HTTP Headers for Wordpress
A tool to parse Firefox and Chrome HSTS databases into forensic artifacts!
Provides support for configuring various http headers that are important for web services.
PSR-15 middleware to redirect to https and adds the Strict-Transport-Security header
A small package for ASP.Net (Core) to automatically configure secure HTTP-Headers
:whale: Dockette Nginx SSL / HSTS / HTTP2 Dockerfile
Proof that HSTS SuperCookies DON'T work!
Chromium HSTS Preload list as a Python package and updated daily.
Dokku HSTS Plugin is a simple plugin that gives the ability to enable HSTS on a per-app basis.
security headers for micro
🔑 Security utilities, CSP, HPKP, HSTS and other security wins
Apache2.4 configuration and site templates