Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Option to check a specific port, port pool, port range, or all ports #242

Open
4 tasks
arcsector opened this issue May 17, 2023 · 0 comments
Open
4 tasks

Comments

@arcsector
Copy link
Contributor

💡 Summary

I think there should be options to have PSHTT scan either a single target port, a port pool (allow people to say scan 4200, 8000, 8080, 8443, 9000, and 9443 in addition to 80 & 443), a port range (10:10,000), or all ports. This can be read through flags or potentially a file as well.

Motivation and context

Federal powers are now mandating that HSTS be enforced on all HTTP-serving ports (see here). The scope of PSHTT, in my opinion, should be expanded to cover these use cases.

Implementation notes

Since just the option to scan all ports would be very cumbersome and increase the runtime of PSHTT significantly, there should be multiple options added to be able to configure the PSHTT run for various use cases. For example, I might want to run a daily scan for HSTS on 80 & 443, but I might want to run a weekly scan for some standard ports (8080, 8443, etc...), and maybe a monthly scan for all ports up to port 10,000.

Acceptance criteria

Features are accepted that add one or more of the following features that are deemed in scope for the PSHTT project:

  • Target Port Scanning
  • Port Pool Scanning
  • Port Range Scanning
  • All Port Scanning (Might be able to be dropped from the acceptance criteria as people can just use a port range of 1:65,536)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant