id: http-missing-security-headers

info:
  name: HTTP Missing Security Headers
  author: socketz,geeknik,G4L1T0,convisoappsec,kurohost,dawid-czarnecki,forgedhallpass,jub0bs
  severity: info
  description: |
    This template searches for missing HTTP security headers. The impact of these missing headers can vary.
  metadata:
    max-request: 1
  tags: misconfig,headers,generic

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    host-redirects: true
    max-redirects: 3

    matchers-condition: or
    matchers:
      - type: dsl
        name: strict-transport-security
        dsl:
          - "!regex('(?i)strict-transport-security', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: content-security-policy
        dsl:
          - "!regex('(?i)content-security-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: permissions-policy
        dsl:
          - "!regex('(?i)permissions-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: x-frame-options
        dsl:
          - "!regex('(?i)x-frame-options', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: x-content-type-options
        dsl:
          - "!regex('(?i)x-content-type-options', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: x-permitted-cross-domain-policies
        dsl:
          - "!regex('(?i)x-permitted-cross-domain-policies', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: referrer-policy
        dsl:
          - "!regex('(?i)referrer-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: clear-site-data
        dsl:
          - "!regex('(?i)clear-site-data', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: cross-origin-embedder-policy
        dsl:
          - "!regex('(?i)cross-origin-embedder-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: cross-origin-opener-policy
        dsl:
          - "!regex('(?i)cross-origin-opener-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

      - type: dsl
        name: cross-origin-resource-policy
        dsl:
          - "!regex('(?i)cross-origin-resource-policy', header)"
          - "status_code != 301 && status_code != 302"
        condition: and

# digest: 4a0a004730450220085d54de6f23590ea9d6512c0ee0f85547ee0d82efb868bcaa773c0cb2deeac30221009e9cb57db7ce4f940a9f24b5eff0288e9a1ea6f024462225e1c0638bcaaedcb3:922c64590222798bb761d5b6d8e72950