- Simple Built-in HTTP Layer Security Tests for GET Requests
- Introduction
- Auto-complete Should be Disabled
- Private Resource Disclosure
- Private IP Disclosure
- Cross-Origin Resource Sharing (CORS)
- Frameable Response (Potential Clickjacking)
- Strict Transport Policy
- Information Disclosure
- Minium Secure JS Version
- Vulnerable JS Version
- Cookie - HttpOnly Flag
- Cookie - secure Flag
- Malicious URL Redirect