# webserver_headers

This script will look at web headers and create a score based on security recommendations.


Dependencies:
Make sure that you can run the command whois.  This is necessary to lookup the nameservers and ISP.  RHEL/Centos/AWS linux hosts, run the command:
sudo yum install jwhois

For Debian based systems, install whois by running
sudo apt install whois

Next, create a file called domains in the same directory and add fqdn names in this file.

Not the most elegant script, but it gets the job done.

Creates a csv file called resolution_results.csv

My scoring:
PKP=30
STS=25
CSP=25 --
XFO=20 --
XXSSP=20 --
XCTO=20 --

Total HTTPS=140
Total HTTP=85