Minor: Code optimizations

rfc-st · rfc-st · commit e9aa5448f601 · 2025-01-03T19:05:47.000+01:00
diff --git a/README.md b/README.md
@@ -6,14 +6,14 @@
 <a target="_blank" href="https://www.python.org/downloads/" title="Minimum Python version required to run this tool"><img src="https://img.shields.io/badge/Python-%3E%3D3.8-blue?labelColor=343b41"></a>
 <a target="_blank" href="LICENSE" title="License of this tool"><img src="https://img.shields.io/badge/License-MIT-blue.svg?labelColor=343b41"></a>
 <a target="_blank" href="https://github.com/rfc-st/humble/releases" title="Latest release of this tool"><img src="https://img.shields.io/github/v/release/rfc-st/humble?display_name=release&label=Latest%20Release&labelColor=343b41"></a>
-<a target="_blank" href="https://github.com/rfc-st/humble/commits/master" title="Latest commit of this tool"><img src="https://img.shields.io/badge/Latest_Commit-2024--12--31-blue.svg?labelColor=343b41"></a>
+<a target="_blank" href="https://github.com/rfc-st/humble/commits/master" title="Latest commit of this tool"><img src="https://img.shields.io/badge/Latest_Commit-2025--01--03-blue.svg?labelColor=343b41"></a>
 <a target="_blank" href="https://github.com/rfc-st/humble/actions?query=workflow%3ACodeQL" title="Results of the last analysis of this tool with CodeQL"><img src="https://github.com/rfc-st/humble/workflows/CodeQL/badge.svg"></a>
 <a target="_blank" href="https://pkg.kali.org/pkg/humble" title="Official tool in Kali Linux"><img src="https://img.shields.io/badge/Kali%20Linux-Tool-blue?labelColor=343b41"></a>
 <br />
 <a target="_blank" href="#" title="Featured on:"><img src="https://img.shields.io/badge/Featured%20on:-343b41"></a>
 <a target="_blank" href="https://artemis-scanner.readthedocs.io/en/latest/search.html?q=humble&check_keywords=yes&area=default" title="Artemis vulnerability scanner"><img src="https://img.shields.io/badge/Artemis-blue"></a>
 <a target="_blank" href="https://docs.defectdojo.com/en/connecting_your_tools/parsers/file/humble/" title="DefectDojo vulnerability management tool"><img src="https://img.shields.io/badge/DefectDojo-blue"></a>
-<a target="_blank" href="https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/special-http-headers" title="HackTricks"><img src="https://img.shields.io/badge/HackTricks-blue"></a>
+<a target="_blank" href="https://github.com/HackTricks-wiki/hacktricks/blob/master/src/network-services-pentesting/pentesting-web/special-http-headers.md" title="HackTricks"><img src="https://img.shields.io/badge/HackTricks-blue"></a>
 <a target="_blank" href="https://headerscan.com/humble/" title="Security Header Scanner"><img src="https://img.shields.io/badge/HeaderScan-blue"></a>
 <a target="_blank" href="https://owasp.org/www-project-secure-headers/#div-technical" title="OWASP Secure Headers Project"><img src="https://img.shields.io/badge/OWASP-blue"></a>
 <a target="_blank" href="https://www.bestpractices.dev/projects/9543" title="OpenSSF best practices analysis"><img src="https://www.bestpractices.dev/projects/9543/badge"></a>
diff --git a/humble.py b/humble.py
@@ -134,7 +134,7 @@
 XML_STRING = ('Ref: ', 'Value: ', 'Valor: ')
 
 current_time = datetime.now().strftime("%Y/%m/%d - %H:%M:%S")
-local_version = datetime.strptime('2024-12-31', '%Y-%m-%d').date()
+local_version = datetime.strptime('2025-01-03', '%Y-%m-%d').date()
 
 
 class SSLContextAdapter(requests.adapters.HTTPAdapter):
@@ -1357,14 +1357,10 @@ def format_html_headers(ln, sub_d, headers):
 
 def format_html_fingerprint(args, ln, sub_d, l_fng):
     for i in l_fng:
-        if (ln and i in ln and not args.brief):
-            try:
-                idx = ln.index(' (')
-            except ValueError:
-                return ln
-            if 'class="ko"' not in ln:
-                ln = f"{sub_d['span_ko']}{ln[:idx]}{sub_d['span_f']}{ln[idx:]}"
-                return ln
+        if ln and (i in ln) and (not args.brief) and (': ' not in ln) and \
+         ('class="ko"' not in ln):
+            ln = f"{sub_d['span_ko']}{ln}{sub_d['span_f']}"
+            return ln
         ln_lower, i_lower = ln.casefold(), i.casefold()
         if args.brief and i_lower in ln_lower and ':' not in ln and \
            '    class="ko"' not in ln:
@@ -1823,7 +1819,10 @@ def custom_help_formatter(prog):
 start = time()
 
 if not args.URL_A:
-    detail = '[analysis_output]' if args.output else '[analysis]'
+    if not args.compliance:
+        detail = '[analysis_output]' if args.output else '[analysis]'
+    else:
+        detail = '[compliance_output]'
     print("")
     print_detail(detail)
 
diff --git a/l10n/details.txt b/l10n/details.txt
@@ -1642,6 +1642,9 @@ Unhandled exception type:
  '(*)' meaning:                Experimental HTTP response header
  '(*)' ref:                    https://mdn.io/Experimental_deprecated_obsolete
 
+[compliance_output]
+ Analyzing the URL in relation to the OWASP 'Secure Headers Project' best practices, please wait ...
+
 [comp_ko_owasp]
  These URL headers do not comply with the OWASP 'Secure Headers Project' best practices.
  Ref: https://owasp.org/www-project-secure-headers/#div-bestpractices
diff --git a/l10n/details_es.txt b/l10n/details_es.txt
@@ -1632,6 +1632,9 @@ Excepción no gestionada:
  Significado de '(*)':                        Cabecera de respuesta HTTP experimental
  Referencia de '(*)':                         https://mdn.io/Experimental_deprecated_obsolete
 
+[compliance_output]
+ Analizando la URL en relación a las mejores prácticas de OWASP 'Secure Headers Project', espera por favor ...
+
 [comp_ko_owasp]
  Estas cabeceras de la URL no cumplen con las mejores prácticas de OWASP 'Secure Headers Project'.
  Ref: https://owasp.org/www-project-secure-headers/#div-bestpractices
