Nmap Development mailing list archives
Re: NSE script contribution - clickjacking-prevent-check
From: Patricio Castagnaro <pcastagnaro () gmail com>
Date: Mon, 9 Jan 2017 14:36:24 -0300
Dear Ícaro, First of all thank you very much for your contribution. I tried it and it works great! [image: Imagen integrada 1] *Lic. Patricio Castagnaro* *MSN/Gtalk/Mail* *pcastagnaro () gmail com <pcastagnaro () gmail com>* *Twitter* @*pcastagnaro* <https://twitter.com/pcastagnaro> *Skype:* * pcastagnaro**LinkedIn* *http://ar.linkedin.com/in/pcastagnaro <http://ar.linkedin.com/in/pcastagnaro>* *Google+* *https://plus.google.com/+PatricioCastagnaro <https://plus.google.com/+PatricioCastagnaro>* Think before you print 2017-01-03 21:44 GMT-03:00 Ícaro Torres <icaro.redes.ifpb () gmail com>:
Hello, I would like to contribute with another NSE script in the Nmap Project. This one verifies if the X-Frame-Options (RFC 7034) is enabled in a web service and show the permissive level configured. This subject is listed in the "OWASP Testing Guide v4" (OWASP project: https://www.owasp.org/index. php?title=Testing_for_Clickjacking_(OTG-CLIENT-009)&setlang=en) and I think it is a good topic to observe in the hardening process of a web service. The script is attached. Best regards. -- Ícaro Torres Tecnólogo em Redes de Computadores - IFPB Pós-Graduado em Segurança da Informação - faculdade IDEZ Twitter: @IcaroTorres _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSE script contribution - clickjacking-prevent-check Ícaro Torres (Jan 03)
- Re: NSE script contribution - clickjacking-prevent-check Patricio Castagnaro (Jan 09)
- Re: NSE script contribution - clickjacking-prevent-check Daniel Miller (Jan 10)
- Re: NSE script contribution - clickjacking-prevent-check Ícaro Torres (Jan 10)