Hacker News new | ask | show | jobs
by stefanorri 3776 days ago
HTTPSecurityReport - https://httpsecurityreport.com - Disclaimer: I'm the creator.

Site Scan from MS - https://dev.windows.com/en-us/microsoft-edge/tools/staticsca...

Subresource Integrity scanner - https://sritest.io/
3 comments
newman314 3776 days ago
Maybe you can add HTTP2/SPDY detection too. BTW your HSTS test does not verify if the format/syntax is correct.

--

These are all good but I would include the following:

Qualys SSL Server Test - The first site I use.

testssl.sh - for behind the fireware testing

https://tls.imirhil.fr/ - this one is nice because it shows the ciphers used/avail broken down by TLS version. I have not seen any other site do this.

link
Beowolve 3776 days ago
Thanks for these! I like that yours covered a lot more than the one OP posted.
link
stefanorri 3776 days ago
Thanks, glad to hear it!
link
mwpmaybe 3776 days ago
HTTPSecurityReport is great! Thank you!
link