headers-analyzer

HTTP security headers analyzer with AI-powered review.

Install

uv sync

Usage

# Basic scan
headers-analyzer https://example.com

# Show raw headers
headers-analyzer https://example.com --raw

# Export JSON
headers-analyzer https://example.com --json -o report.json

# AI review (OpenAI-compatible)
export OPENAI_API_KEY=sk-...
headers-analyzer https://example.com --ai

# AI with custom model or local LLM (e.g. Ollama)
headers-analyzer https://example.com --ai --ai-model gpt-4o
headers-analyzer https://example.com --ai --ai-url http://localhost:11434/v1 --ai-model llama3

What it checks

Security headers: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, X-XSS-Protection, Cache-Control, CORP, COOP

Info leakage: Server, X-Powered-By, X-AspNet-Version, X-Generator, Via, and more

AI Review

Pass --ai to feed the full analysis to an LLM. It will return:

Risk summary
Top 3 critical issues
Specific remediation steps
Additional attack vectors

Works with any OpenAI-compatible API — including local models via Ollama or LM Studio using --ai-url.

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
headersanalyzer		headersanalyzer
.gitignore		.gitignore
.python-version		.python-version
README.md		README.md
headers-analyzer-wrapper		headers-analyzer-wrapper
main.py		main.py
pyproject.toml		pyproject.toml
uv.lock		uv.lock

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

headers-analyzer

Install

Usage

What it checks

AI Review

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

headers-analyzer

Install

Usage

What it checks

AI Review

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages