wavegxz-design/webcheck

Single-script HTTP security auditor for pentesters and bug bounty hunters. No Python. No npm. No Docker. Just curl + openssl.


Features · Install · Usage · Modules · Scoring · Roadmap · Author


🔍 What is webcheck?

webcheck audits the security posture of any HTTP/HTTPS target in seconds. It runs five focused modules — headers, cookies, TLS, redirects, and information disclosure — and outputs a color-coded terminal report with a 0–100 risk score and letter grade.

Built to work anywhere Kali/Parrot/Ubuntu runs. Zero extra dependencies.


✨ Features

| Feature | What it does |
|---|---|
| 🔀 HTTP → HTTPS | Validates the redirect chain and destination |
| 🛡️ Security Headers | Audits 9 headers with value-level analysis |
| 🕵️ Info Disclosure | Detects server versions, CMS leaks, CORS wildcards |
| 🍪 Cookies | Per-cookie Secure / HttpOnly / SameSite analysis |
| 🔒 TLS / SSL | Protocols, ciphers, expiry, self-signed detection |
| 📊 Risk Score | 0–100 score with A+→F grade, deducted per finding |
| 🎨 Colored Output | CRITICAL · HIGH · MEDIUM · LOW · OK |
| 🧹 Safe Cleanup | `trap` ensures temp files are always removed |

⚡ Install

git clone https://github.com/wavegxz-design/webcheck.git
cd webcheck
chmod +x webcheck.sh

Requirements — pre-installed on Kali, Parrot, Ubuntu:

curl   openssl   grep   awk   sed

🚀 Usage

webcheck.sh <target> [options]

Usage:
  ./webcheck.sh example.com
  ./webcheck.sh -t https://example.com
  ./webcheck.sh --target http://192.168.1.1

Target formats:
  example.com
  https://example.com
  http://192.168.1.1
  http://localhost:8080

Options:
  -t, --target <url>   Target URL or domain
  -h, --help           Show help
  -v, --version        Print version

Examples:
  ./webcheck.sh testphp.vulnweb.com
  ./webcheck.sh -t https://juice-shop.example.com
  ./webcheck.sh --target http://dvwa.local

⚠  Authorized targets only.

📋 Modules

🔀 HTTP → HTTPS Redirect

Checks whether plain HTTP automatically redirects to HTTPS, and validates both the redirect status code and the destination URL.

[OK]       HTTP redirects to HTTPS [301]
[HIGH]     HTTP redirects but NOT to HTTPS
[MEDIUM]   HTTP responds directly — no redirect configured
[INFO]     HTTP port unreachable (HTTPS-only or firewalled)
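The verdicts above can be derived from the raw response headers of a single `curl -sI` request. The function below is an added example, not webcheck's own code: it reads a header block on stdin and prints one line in the report format. Treating a relative `Location` as "not HTTPS" is this example's choice (a relative redirect from an `http://` URL resolves back to `http://`).

```shell
#!/bin/sh
# Added example, not webcheck's own code: derive the redirect verdict from a
# raw response-header block, e.g. the output of `curl -sI --max-time 10 http://host/`.
# Reads the headers on stdin and prints one line in the report format.
redirect_verdict() {
    hdrs=$(tr -d '\r')                       # curl prints CRLF line endings
    status=$(printf '%s\n' "$hdrs" | sed -n '1s/^HTTP\/[0-9.]* \([0-9]\{3\}\).*/\1/p')
    location=$(printf '%s\n' "$hdrs" | grep -i '^location:' | head -n 1 |
               sed 's/^[^:]*:[[:space:]]*//')

    if [ -z "$status" ]; then               # curl produced nothing: no HTTP listener
        echo "[INFO]     HTTP port unreachable (HTTPS-only or firewalled)"
        return 0
    fi
    case "$status" in
        301|302|303|307|308)
            case "$location" in
                https://*) echo "[OK]       HTTP redirects to HTTPS [$status]" ;;
                # A relative Location on an http:// response resolves to http://,
                # so it is treated the same as an explicit http:// destination.
                *) echo "[HIGH]     HTTP redirects but NOT to HTTPS [$status -> ${location:-no Location header}]" ;;
            esac ;;
        2*) echo "[MEDIUM]   HTTP responds directly, no redirect configured" ;;
        *)  echo "[INFO]     HTTP returned $status, no redirect to evaluate" ;;
    esac
}

# Usage against a live target (network, not run here):
#   curl -sI --max-time 10 "http://example.com/" | redirect_verdict
```

Note that a `302` to HTTPS passes here just like a `301`; on a real engagement a temporary redirect is worth a remark, since only `301`/`308` let browsers cache the upgrade.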

🛡️ Security Headers

Audits 9 response headers. Checks not just presence but also correctness of values.

| Header | What is checked |
|---|---|
| Strict-Transport-Security | Presence, max-age value, preload directive |
| Content-Security-Policy | Presence, unsafe-inline, unsafe-eval, wildcards |
| X-Frame-Options | DENY / SAMEORIGIN / deprecated ALLOW-FROM |
| X-Content-Type-Options | Must be nosniff |
| Referrer-Policy | Value risk level |
| Permissions-Policy | Presence |
| X-XSS-Protection | Should be 0 (deprecated; rely on CSP) |
| Cross-Origin-Opener-Policy | Presence |
| Cross-Origin-Resource-Policy | Presence |
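Value-level checking means parsing each header rather than testing for its presence. The script below is an added example, not webcheck's own code, covering five of the headers in the table over a header block read on stdin. The one-year HSTS `max-age` threshold, the wildcard test on `default-src`/`script-src`, and the severities assigned are this example's assumptions, not the tool's.

```shell
#!/bin/sh
# Added example, not webcheck's own code: value-level checks for some of the
# headers in the table, run over a raw response-header block read on stdin
# (e.g. from `curl -sI`). Thresholds and severities are this example's.

# Print the value of header $2 from the header block in $1 (case-insensitive).
get_header() {
    printf '%s\n' "$1" | grep -i "^$2:" | head -n 1 |
        sed 's/^[^:]*:[[:space:]]*//; s/[[:space:]]*$//'
}

audit_headers() {
    hdrs=$(tr -d '\r')

    hsts=$(get_header "$hdrs" Strict-Transport-Security)
    if [ -z "$hsts" ]; then
        echo "[HIGH]     Strict-Transport-Security missing"
    else
        max_age=$(printf '%s' "$hsts" | sed -n 's/.*max-age=\([0-9]*\).*/\1/p')
        if [ "${max_age:-0}" -lt 31536000 ]; then         # one year, assumed threshold
            echo "[MEDIUM]   HSTS max-age=${max_age:-0} is below one year"
        else
            echo "[OK]       HSTS max-age=$max_age"
        fi
        case "$hsts" in *preload*) ;; *) echo "[LOW]      HSTS preload directive missing" ;; esac
    fi

    csp=$(get_header "$hdrs" Content-Security-Policy)
    if [ -z "$csp" ]; then
        echo "[HIGH]     Content-Security-Policy missing"
    else
        case "$csp" in *"'unsafe-inline'"*) echo "[HIGH]     CSP allows 'unsafe-inline'" ;; esac
        case "$csp" in *"'unsafe-eval'"*)   echo "[HIGH]     CSP allows 'unsafe-eval'" ;; esac
        # A bare * in default-src or script-src lets any origin serve scripts.
        if printf '%s' "$csp" | grep -Eq '(default|script)-src[^;]*[[:space:]]\*([[:space:]]|;|$)'; then
            echo "[HIGH]     CSP default-src/script-src contains a wildcard"
        fi
    fi

    xcto=$(get_header "$hdrs" X-Content-Type-Options | tr 'A-Z' 'a-z')
    if [ "$xcto" = "nosniff" ]; then
        echo "[OK]       X-Content-Type-Options: nosniff"
    else
        echo "[MEDIUM]   X-Content-Type-Options missing or not nosniff"
    fi

    xfo=$(get_header "$hdrs" X-Frame-Options | tr 'a-z' 'A-Z')
    case "$xfo" in
        DENY|SAMEORIGIN) echo "[OK]       X-Frame-Options: $xfo" ;;
        ALLOW-FROM*) echo "[LOW]      X-Frame-Options ALLOW-FROM is deprecated; use CSP frame-ancestors" ;;
        "")          echo "[MEDIUM]   X-Frame-Options missing (or set CSP frame-ancestors)" ;;
        *)           echo "[MEDIUM]   X-Frame-Options has an unrecognised value: $xfo" ;;
    esac

    xxp=$(get_header "$hdrs" X-XSS-Protection)
    case "$xxp" in
        ""|0) ;;                             # absent or explicitly disabled: nothing to flag
        *) echo "[LOW]      X-XSS-Protection: $xxp (deprecated filter; set 0 and rely on CSP)" ;;
    esac
}

# Constructed sample response (not from a real host) exercising every branch.
SAMPLE_HEADERS=$(cat <<'EOF'
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=300
Content-Security-Policy: default-src 'self' 'unsafe-inline'; script-src *
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOW-FROM https://a.example
X-XSS-Protection: 1; mode=block
EOF
)

printf '%s\n' "$SAMPLE_HEADERS" | audit_headers
```

Against a live target the input is `curl -sI --max-time 10 "https://$host/" | audit_headers`. One caveat on the CSP check: when a policy carries a nonce or hash source, browsers that support them ignore `'unsafe-inline'` in the same directive, so that finding deserves a manual look before it goes in a report.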

🕵️ Information Disclosure

Flags response headers that reveal the software stack or relax same-origin restrictions:

[HIGH]     Server: nginx/1.18.0             ← version exposed
[HIGH]     X-Powered-By: PHP/8.1.2          ← remove this header
[HIGH]     X-AspNet-Version: 4.0.30319      ← .NET version leak
[HIGH]     CORS: Access-Control-Allow-Origin: *
[MEDIUM]   X-Generator: WordPress 6.4       ← CMS fingerprint
[OK]       X-Powered-By absent
[OK]       Server absent or genericized

On the CORS finding: a wildcard `Access-Control-Allow-Origin: *` cannot be combined with `Access-Control-Allow-Credentials: true` (browsers discard such a response), so on its own it only exposes content that was already readable without credentials. The riskier pattern, the request's `Origin` reflected back together with credentials, does not show up in a plain request; re-request with an attacker-controlled `Origin:` header to check for it before rating the endpoint.

🍪 Cookies

Each Set-Cookie header is analyzed individually:

Cookie 1: session_id
  ✓ Secure
  ✗ [HIGH]   Missing HttpOnly flag
  ✗ [MEDIUM] Missing SameSite attribute
  → Persistent (has expiry)
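The per-cookie layout above comes from splitting each `Set-Cookie` value into its attribute tokens. The function below is an added example, not webcheck's own code; it also flags `SameSite=None` without `Secure`, which browsers reject outright, and matches whole attribute tokens so that a value such as `Domain=secure.example.com` cannot pass as the `Secure` flag. Severities are this example's assumptions.

```shell
#!/bin/sh
# Added example, not webcheck's own code: per-cookie attribute checks over the
# Set-Cookie lines of a raw response-header block read on stdin, printed in the
# per-cookie layout of the README. Severities are this example's assumptions.

# True if the lower-cased attribute list in $attrs contains token $1 exactly.
has_attr() { printf '%s\n' "$attrs" | grep -qx "$1"; }

audit_cookies() {
    n=0
    tr -d '\r' | grep -i '^set-cookie:' | sed 's/^[^:]*:[[:space:]]*//' |
    while IFS= read -r cookie; do
        n=$((n + 1))
        name=${cookie%%=*}
        # Attribute tokens after the first ';', lower-cased and trimmed, one per
        # line. Whole-token matching keeps "domain=secure.example.com" from
        # counting as the Secure flag.
        attrs=$(printf '%s' "$cookie" | tr 'A-Z' 'a-z' | tr ';' '\n' |
                sed '1d; s/^[[:space:]]*//; s/[[:space:]]*$//')
        echo "Cookie $n: $name"
        if has_attr secure;   then echo "  ✓ Secure";   else echo "  ✗ [HIGH]   Missing Secure flag"; fi
        if has_attr httponly; then echo "  ✓ HttpOnly"; else echo "  ✗ [HIGH]   Missing HttpOnly flag"; fi
        if has_attr 'samesite=none'; then
            # Browsers only accept SameSite=None when Secure is also present.
            if has_attr secure; then echo "  ✓ SameSite=None (with Secure)"
            else echo "  ✗ [HIGH]   SameSite=None without Secure (browsers reject it)"; fi
        elif has_attr 'samesite=lax' || has_attr 'samesite=strict'; then
            echo "  ✓ SameSite"
        else
            echo "  ✗ [MEDIUM] Missing SameSite attribute"
        fi
        if printf '%s\n' "$attrs" | grep -Eq '^(expires|max-age)='; then
            echo "  → Persistent (has expiry)"
        else
            echo "  → Session cookie (discarded when the browser closes)"
        fi
    done
}

# Constructed sample response (not from a real host) with three cookies.
SAMPLE_COOKIE_HEADERS=$(cat <<'EOF'
HTTP/1.1 200 OK
Set-Cookie: session_id=abc123; Path=/; Secure; Expires=Wed, 21 Oct 2026 07:28:00 GMT
Set-Cookie: csrf=xyz; HttpOnly; SameSite=None; Domain=secure.example.com
Set-Cookie: theme=dark; Secure; HttpOnly; SameSite=Lax
EOF
)

printf '%s\n' "$SAMPLE_COOKIE_HEADERS" | audit_cookies
```

Run it as `curl -sI --max-time 10 "https://$host/" | audit_cookies`. A missing `SameSite` is not always a finding: browsers default it to `Lax`, so the real question is whether the cookie is meant to travel cross-site at all.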

🔒 TLS / SSL

[OK]       Certificate valid for 213 more days
[OK]       TLS 1.2 supported
[OK]       TLS 1.3 supported
[CRITICAL] Weak protocol: TLS 1.0 enabled
[CRITICAL] Weak cipher: RC4-MD5
[HIGH]     Self-signed certificate
[LOW]      HSTS preload missing
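Everything in the TLS module comes down to `openssl s_client` for the live handshake and `openssl x509` for the certificate. The script below is an added example, not webcheck's own code. The two probe functions need a network target and are shown for reference; the certificate checks operate on a PEM file and are demonstrated on a throw-away self-signed certificate generated locally, with cleanup handled by the same `trap` pattern the README advertises. GNU `date -d` is assumed for the expiry arithmetic (present on Kali, Parrot and Ubuntu), the protocol flags assume an OpenSSL build that still supports the legacy versions, and the 30-day warning threshold and severities are this example's, not the tool's.

```shell
#!/bin/sh
# Added example, not webcheck's own code: certificate and protocol checks with
# openssl. probe_cert/probe_protocol touch the network and are shown for
# reference; the certificate checks run here on a locally generated self-signed
# certificate. GNU date (-d) is assumed; thresholds are this example's.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT          # temp files go away however the script ends

# Save the leaf certificate presented by host:port as PEM (network).
probe_cert() {                      # usage: probe_cert host port out.pem
    openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -outform PEM >"$3"
}

# Exit 0 if the server completes a handshake with the named protocol (network).
probe_protocol() {                  # usage: probe_protocol host port tls1|tls1_1|tls1_2|tls1_3
    openssl s_client -connect "$1:$2" -servername "$1" "-$3" </dev/null >/dev/null 2>&1
}

# Whole days until notAfter; negative once the certificate has expired.
cert_days_left() {                  # usage: cert_days_left cert.pem
    not_after=$(openssl x509 -in "$1" -noout -enddate | sed 's/^notAfter=//')
    echo $(( ( $(date -d "$not_after" +%s) - $(date +%s) ) / 86400 ))
}

# Self-signed means issuer and subject are identical. Some CA roots are too,
# so on a real target pair this with chain verification (s_client -verify_return_error).
cert_is_self_signed() {             # usage: cert_is_self_signed cert.pem
    issuer=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer=//')
    subject=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject=//')
    [ "$issuer" = "$subject" ]
}

report_cert() {                     # usage: report_cert cert.pem
    days=$(cert_days_left "$1")
    if [ "$days" -lt 0 ]; then
        echo "[CRITICAL] Certificate expired $(( 0 - $days )) days ago"
    elif [ "$days" -lt 30 ]; then   # assumed warning threshold
        echo "[HIGH]     Certificate expires in $days days"
    else
        echo "[OK]       Certificate valid for $days more days"
    fi
    if cert_is_self_signed "$1"; then echo "[HIGH]     Self-signed certificate"; fi
}

# Constructed stand-in for a target: a 90-day self-signed certificate.
make_demo_cert() {                  # usage: make_demo_cert out.pem
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$WORK/key.pem" -out "$1" \
        -days 90 -subj "/CN=demo.invalid" 2>/dev/null
}

if command -v openssl >/dev/null 2>&1; then
    make_demo_cert "$WORK/demo.pem" && report_cert "$WORK/demo.pem"
fi
```

For a live host the flow is `probe_cert "$host" 443 "$WORK/leaf.pem" && report_cert "$WORK/leaf.pem"`, followed by `probe_protocol "$host" 443 tls1` for each legacy version. A successful `-tls1` or `-tls1_1` handshake is the "Weak protocol" finding; a failed one proves nothing if the local OpenSSL was built without that protocol, which is why the probe's exit status should be read together with `openssl version`.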

📊 Scoring

Score starts at 100. Each finding deducts points:

| Severity | Deduction |
|---|---|
| 🔴 CRITICAL | −20 pts |
| 🔴 HIGH | −15 pts |
| 🟡 MEDIUM | −8 pts |
| 🔵 LOW | −3 pts |
| ✅ PASSED | 0 pts |

Grades:

| Grade | Score |
|---|---|
| A+ | 90–100 |
| A | 80–89 |
| B | 70–79 |
| C | 60–69 |
| D | 50–59 |
| F | 0–49 |
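Because every module line carries its severity in a fixed tag, the score can be computed by piping the whole report through one function. The script below is an added example, not webcheck's own code: it applies the two tables above to report lines read on stdin. Clamping the score at 0 once deductions exceed 100 is this example's assumption; the README does not say what the tool does there.

```shell
#!/bin/sh
# Added example, not webcheck's own code: the deduction and grade tables applied
# to a report. score_report reads report lines on stdin (any line carrying a
# [CRITICAL]/[HIGH]/[MEDIUM]/[LOW] tag counts once) and prints "score grade".
# Clamping at 0 is this example's assumption.
grade_for() {                       # usage: grade_for score
    if   [ "$1" -ge 90 ]; then echo "A+"
    elif [ "$1" -ge 80 ]; then echo "A"
    elif [ "$1" -ge 70 ]; then echo "B"
    elif [ "$1" -ge 60 ]; then echo "C"
    elif [ "$1" -ge 50 ]; then echo "D"
    else                       echo "F"
    fi
}

score_report() {
    score=100
    while IFS= read -r line; do
        case "$line" in
            *"[CRITICAL]"*) score=$((score - 20)) ;;
            *"[HIGH]"*)     score=$((score - 15)) ;;
            *"[MEDIUM]"*)   score=$((score - 8))  ;;
            *"[LOW]"*)      score=$((score - 3))  ;;
        esac                                        # [OK] and [INFO] cost nothing
    done
    if [ "$score" -lt 0 ]; then score=0; fi
    echo "$score $(grade_for "$score")"
}

# Constructed report: sample lines in the module output format.
SAMPLE_REPORT='[OK]       HTTP redirects to HTTPS [301]
[HIGH]     Server: nginx/1.18.0
[MEDIUM]   Missing SameSite attribute
[CRITICAL] Weak protocol: TLS 1.0 enabled
[LOW]      HSTS preload missing'

printf '%s\n' "$SAMPLE_REPORT" | score_report       # 100 - 15 - 8 - 20 - 3
```

The deductions are linear, so seven HIGH findings already push a target to 0 and grade F; the grade is a quick triage signal, not a substitute for reading the individual lines.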

🛣️ Roadmap

v1.2

  • --output json — machine-readable report
  • --output md — save Markdown report to file
  • --timeout flag — custom timeout per request
  • HSTS preload list lookup (hstspreload.org API)

v2.0

  • Batch scanning: --file targets.txt
  • recon-kit integration — pipe subdomain list directly
  • --fail-on HIGH — non-zero exit for CI/CD pipelines
  • Nuclei template generation from findings

🔗 Related Projects

| Project | Description |
|---|---|
| recon-kit | Modular recon: WHOIS, DNS, subdomains, ports, SSL |
| NEXORA-TOOLKIT | Advanced ADB toolkit for Android |

⚖️ Legal

MIT License. Use on systems you own or have written authorization to test. Unauthorized use is illegal.



krypthane · Red Team Operator & Open Source Developer


⭐ Star if webcheck found something on your target
