An HTTP/HTTPS intercept proxy written in Go.

Parse HTTP Security Headers

A dotnet tool to do a http request/response security assessment

Learn Spring Security step by step

A scan of all .gov.uk sites for the most common security headers or lack of

OSINT tools for website research

A Python-based HTTP security header analyzer that identifies weak or missing policies (CSP, HSTS, XFO, etc.) and generates OWASP-aligned remediation reports.

Adds missing HTTP response headers to SvelteKit apps

Analyze HTTP security headers for your web application. A-F grading, per-header findings, and remediation — as a library or CLI.

Real-time Layer 7 DDoS detection and HTTP traffic analysis tool designed to identify bot activity, anomalous requests, and application-layer attacks with high accuracy.

Overkill Bash tool to scan and rate HTTP security headers (CSP, HSTS, COOP, CORP, Permissions-Policy + more). Passive, fast, nuclear edition by MR.Thugh ☠

Issue tracker microservice project

Passive web application security analyzer for HAR files and raw HTTP captures — security headers, CSP, cookies, CORS, disclosure & transport checks with SARIF output. Zero network calls.

The HTTPS Analysis tool helps users inspect and analyze HTTPS and security headers, determine server technology, scan vulnerabilities, and ensure a detailed understanding of security configurations.

Browser-based Set-Cookie header auditor. Grades cookies A–F on hardening attributes (Secure, HttpOnly, SameSite, scoping, prefixes)

HTTP security-header audit in Bash. A+ through F grading, TLS info, Markdown output. Offline-capable, no securityheaders.com dependency.

Stock price checker microservice project

Python-based network vulnerability scanner, port scanning, service enumeration, banner grabbing, HTTP security header analysis, SSL/TLS auditing, and DNS reconnaissance with JSON/HTML reports

Personal library microservice project

Anonymous message board microservice project