The Importance of Implementing Strict Transport Security

Authors: Ronan Dunne & Anthony Caldwell

What you will learn
STS is a relatively straightforward setting to enable.

What you will know
HSTS is a necessary and sufficient protocol for sensitive web traffic.

Introduction
It is clear by now that even....
I am unable to find the HTTP Strict Transport Security (HSTS) option under Passive Scan Rules in the OWASP ZAP tool (2.4.3 version). Could you please let me know how to test HTTP Strict Transport Security (HSTS) through the ZAP tool? Thanks in advance.
Uh, your remediation steps are wrong…
should read something like
Strict-Transport-Security: max-age=31536000; includeSubDomains
Note the max-age.