This action is used to perform several webserver checks based on a set of URLs.

recognizegroup/recognize-internal-security-assistant-action

Recognize Internal Security Assistant

This action performs a set of basic web server setting checks, and generates a report which is attached to the current commit. Currently, the tool checks for:

  • Cache-Control header
  • Content-Security-Policy header
  • CORS settings
  • HTTP to HTTPS redirect
  • Permissions-Policy header
  • Referrer-Policy header
  • Secure cookies
  • SSL settings (protocol versions, ciphers)
  • Strict-Transport-Security header
  • Version Information in headers
  • X-Content-Type-Options header
  • X-XSS-Protection header
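
To make the header and cookie items in the list above concrete, here is an added example (not the action's own code or rule logic) that audits a captured set of response headers offline. It covers only a subset of the list; the CORS, redirect and SSL checks need a live connection and are left out. The names `audit_headers`, `REQUIRED` and `SAMPLE` are hypothetical, and the sample response is constructed.

```python
import re

# Assumption: these headers are checked for presence only in this sketch.
REQUIRED = ["Cache-Control", "Content-Security-Policy", "Permissions-Policy",
            "Referrer-Policy", "Strict-Transport-Security",
            "X-Content-Type-Options"]

def audit_headers(headers):
    """headers: list of (name, value) pairs (Set-Cookie may repeat).
    Returns a sorted list of findings; an empty list means nothing flagged."""
    findings, seen = [], {}
    for name, value in headers:
        seen.setdefault(name.lower(), []).append(value.strip())
    for name in REQUIRED:
        if name.lower() not in seen:
            findings.append(f"missing:{name}")
    # HSTS only protects while max-age is a positive number of seconds.
    for v in seen.get("strict-transport-security", []):
        m = re.search(r'max-age\s*=\s*"?(\d+)', v, re.I)
        if not m or int(m.group(1)) == 0:
            findings.append("weak:Strict-Transport-Security")
    # "nosniff" is the only defined value for this header.
    for v in seen.get("x-content-type-options", []):
        if v.lower() != "nosniff":
            findings.append("weak:X-Content-Type-Options")
    # A cookie without the Secure attribute can travel over plain HTTP.
    for v in seen.get("set-cookie", []):
        attrs = [a.strip().lower() for a in v.split(";")[1:]]
        if "secure" not in attrs:
            findings.append("insecure-cookie:" + v.split("=", 1)[0].strip())
    # Version numbers in these headers tell a scanner what software to target.
    for name in ("server", "x-powered-by"):
        for v in seen.get(name, []):
            if re.search(r"\d+\.\d+", v):
                findings.append(f"version-disclosure:{name}")
    return sorted(findings)

# Constructed sample response headers, not taken from any real server.
SAMPLE = [
    ("Server", "nginx/1.18.0"),
    ("Strict-Transport-Security", "max-age=0"),
    ("X-Content-Type-Options", "nosniff"),
    ("Content-Security-Policy", "default-src 'self'"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "theme=dark; Secure; Path=/"),
]

if __name__ == "__main__":
    for finding in audit_headers(SAMPLE):
        print(finding)
```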

Example

on:
  push:
    branches: [develop]
jobs:
  security-report:
    runs-on: ubuntu-latest
    steps:
      - uses: recognizegroup/recognize-internal-security-assistant-action@v2
        with:
          urls: https://recognize.nl            # URLs to test (comma separated)
          token: ${{ github.token }}            # Token for the GitHub API
          excluded: ''                          # IDs of the rules to exclude

Screenshot

Screenshot of the report
