Nmap Development mailing list archives

Re: NSE script contribution - clickjacking-prevent-check


From: Patricio Castagnaro <pcastagnaro () gmail com>
Date: Mon, 9 Jan 2017 14:36:24 -0300

Dear Ícaro,

First of all, thank you very much for your contribution. I tried it and it
works great!


Lic. Patricio Castagnaro
MSN/Gtalk/Mail: pcastagnaro () gmail com
Twitter: @pcastagnaro <https://twitter.com/pcastagnaro>
Skype: pcastagnaro
LinkedIn: http://ar.linkedin.com/in/pcastagnaro
Google+: https://plus.google.com/+PatricioCastagnaro


2017-01-03 21:44 GMT-03:00 Ícaro Torres <icaro.redes.ifpb () gmail com>:

Hello,

I would like to contribute another NSE script to the Nmap Project.
This one verifies if the X-Frame-Options (RFC 7034) is enabled in a web
service and shows the permissive level configured. This subject is listed in
the "OWASP Testing Guide v4" (OWASP project:
https://www.owasp.org/index.php?title=Testing_for_Clickjacking_(OTG-CLIENT-009)&setlang=en)
and I think it is a good topic to observe in the hardening process of a web
service.

The script is attached.

Best regards.

--

Ícaro Torres
Computer Networks Technologist - IFPB
Postgraduate in Information Security - Faculdade IDEZ
Twitter: @IcaroTorres

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
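
The check described in the message above (whether X-Frame-Options is set, and how permissive it is), sketched as an added example; it is not the attached NSE script, which is not reproduced on this page. The function name `classify_xfo`, the level labels and the sample header lists are assumptions constructed for illustration.

```python
# Added example: classify X-Frame-Options (RFC 7034) response headers.
# classify_xfo and the level labels are hypothetical names, not from the script.

def classify_xfo(headers):
    """Return (level, detail) for a list of (name, value) header pairs."""
    # Header names are case-insensitive and a response may repeat the header.
    values = [v.strip() for n, v in headers
              if n.strip().lower() == "x-frame-options"]
    if not values:
        return ("missing", "header absent; it places no limit on framing")
    # RFC 7034 requires exactly one directive, so repeated headers and
    # comma-joined lists are reported instead of guessed at.
    if len(values) > 1 or "," in values[0]:
        return ("invalid", "more than one directive: " + " | ".join(values))
    parts = values[0].split(None, 1)
    directive = parts[0].upper() if parts else ""
    if directive in ("DENY", "SAMEORIGIN") and len(parts) == 1:
        detail = ("framing refused everywhere" if directive == "DENY"
                  else "framing allowed only from the page's own origin")
        return (directive.lower(), detail)
    if directive == "ALLOW-FROM" and len(parts) == 2:
        return ("allow-from", "framing allowed from " + parts[1].strip())
    return ("invalid", "unrecognised value: %r" % values[0])


# Constructed sample responses (header lists only), not captured traffic.
SAMPLES = {
    "strict": [("Server", "demo"), ("X-Frame-Options", "DENY")],
    "same origin": [("x-frame-options", " sameorigin ")],
    "partner": [("X-Frame-Options", "ALLOW-FROM https://partner.example")],
    "absent": [("Content-Type", "text/html")],
    "repeated": [("X-Frame-Options", "DENY"), ("X-Frame-Options", "SAMEORIGIN")],
    "typo": [("X-Frame-Options", "ALLOWALL")],
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        level, detail = classify_xfo(hdrs)
        print("%-12s %-11s %s" % (name, level, detail))
```
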
