id: http-missing-security-headers

info:
  name: HTTP Missing Security Headers
  author: socketz,geeknik,G4L1T0,convisoappsec,kurohost,dawid-czarnecki,forgedhallpass,jub0bs,userdehghani
  severity: info
  description: |
    This template searches for missing HTTP security headers. The impact of these missing headers can vary.
  metadata:
    max-request: 1
  tags: misconfig,headers,generic

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    host-redirects: true
    max-redirects: 3

    matchers-condition: or
    matchers:
      - type: dsl
        name: strict-transport-security
        dsl:
          - "!regex('(?i)strict-transport-security', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: content-security-policy
        dsl:
          - "!regex('(?i)content-security-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: permissions-policy
        dsl:
          - "!regex('(?i)permissions-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: x-frame-options
        dsl:
          - "!regex('(?i)x-frame-options', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: x-content-type-options
        dsl:
          - "!regex('(?i)x-content-type-options', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: x-permitted-cross-domain-policies
        dsl:
          - "!regex('(?i)x-permitted-cross-domain-policies', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: referrer-policy
        dsl:
          - "!regex('(?i)referrer-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: clear-site-data
        dsl:
          - "!regex('(?i)clear-site-data', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: cross-origin-embedder-policy
        dsl:
          - "!regex('(?i)cross-origin-embedder-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: cross-origin-opener-policy
        dsl:
          - "!regex('(?i)cross-origin-opener-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: cross-origin-resource-policy
        dsl:
          - "!regex('(?i)cross-origin-resource-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: content-type-charset-specification
        dsl:
          - "!regex('(?i)content-type', header)"
          - "!regex('(?i)charset', header)"
          - "status_code != 301 && status_code != 302"
        condition: and
# digest: 490a004630440220110fc130c64d1a2457f00589a17845e05696ea7542f4d08c986419923c38b9ac02202e073e983f5bebb71f2673a20f04c51b2c4a81cb9f7e747a4e74b3272fe047d4:922c64590222798bb761d5b6d8e72950