Releases: rfc-st/humble

1.37

01 Jun 18:14

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "I got a woman", performed by Ray Charles: May the Blues be with you!

Thank you for downloading it, for trying it and for your time!

Fixes

28c513b - 'Strict-Transport-Security' check
1417264 - Strings formatting

Features

9542334 - Improved skipped HTTP headers code
862da7d - Major Code Optimizations: Regarding variables, functions and lower() usage
87684e6 - Explicit indication of the fingerprint header value
8aa5c5d - 14 new fingerprint headers
bd1a48f - Add more User-Agents ('-ua' parameter)
b97e20d - Enriching global statistics with more detailed information

Minor

93a0139 - Code optimizations: Improved parameters descriptions, fingerprint statistics and extracted temp filename generation to a function
20c28b6 - Improved fingerprint statistics logic
74dd897 - Code optimizations: Improved constants, variables and functions names/logic
64d0537 - Code optimizations: Messages, functions and comments
b4857d2 - Code optimizations: Analytics and PDF export
4f9a8a3 - Optimizations related to 'Content-Security-Policy' checks
21c9b7a - Optimized fingerprint logic
a6e0fbc - Optimizations related to fingerprint checks
f50e3b2 - Optimized User-Agent logic
8d53437 - Code Optimizations: Related to PDF generation and User-Agent logic
fb82282 - Optimized code: Improved and simplified global statistics

1.36

26 Apr 18:06

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "White Kid Sing The Blues In Guitar Shop Like It's Nobody's Business!", performed by Brendan Macfarlane: May the Blues be with you!

Thank you for downloading it, for trying it and for your time!

Fixes

0388ea1 - Avoid duplication of fingerprinting results
8a3d30e - HTML export
54334f5 - Strict-Transport-Security check
91b72e8 - Improve fingerprint list

Features

0903e57 - 1 new insecure check
ecc6d69 - 2 new fingerprint headers
990cae9 - 1 new insecure check
b4e956b - 1 new insecure check
d654735 - 2 new insecure checks
cb974a9 - 1 new insecure check
ff7f28b - 1 new insecure check
16941c9 - 1 new insecure check

Minor

97f92d9 - Update Content-Security-Policy Directives
199483d - Updated directives of several headers
8ca55bb - Improved variable naming
8bc1707 - Updated list of insecure HTTP headers
41ea09b - Improved constants naming
df57f0f - Code optimizations
d71db09 - Code optimizations
b7fa35e - Extract logic from missing headers to functions
a1dc3d7 - Code optimizations
2c586ec - Improved checking of updated versions
595d37e - Extract logic from fingerprint headers to function
065390a - Code optimizations
0b26e68 - Define styles in constants
640cfc4 - Code optimizations (improved constants)
8d578c8 - Highlight groups of fingerprint headers

1.35

27 Mar 17:37

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "Improvisation in Cm", performed by Indiara Sfair & Arthur Sowinski: May the Blues be with you!

Thank you for downloading it, for trying it and for your time!

Fixes

3c3560d - Correctly identify URL scheme
e22e93a - Corner cases regarding unreliable URLs and HTTP codes

Features

617d963 - New insecure check (Vary: Potentially Unsafe Header)
3d994d8 - 2 new insecure checks
932040f - New '-s' parameter
5c65ce2 - Optimize '-s' parameter logic
f6c2b3d - 2 new insecure checks
593fe44 - Lazy import of fpdf2 and its class.
398c011 - Improved skipped check messages for certain headers
b30fbd6 - New function and template for exporting results to HTML.
7d4ef8a - Note added when exporting to CSV/JSON, about analysis type

Minor

ace3698 - Update browser compatibility for enabled HTTP security headers
ede7b5d - Improved naming and use of constants
870698e - Simplify HTTP error codes logic
17d223d - Add HTTP code 404 description
dc5e466 - Extract output filename generation to a function
50a3a06 - Code optimizations
0beec4a - Improve the naming of constants
ebb970e - Code optimizations and improved comments
fbbda02 - Code optimizations
c6c7f20 - Optimized generate_html() and some variable names

1.34

17 Feb 19:48

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "She's Crazy", performed by JT Coldfire.

Thank you for downloading it, for trying it and for your time!

Fixes

13aea3e - '-ua 0' does not require a URL

Features

3a61535 - Consistency in the content of exported analysis
e21c94f - Bump fpdf2 version to 2.7.7 (fixing some Deprecation Warnings)
d5d7a8a - Improve HTML export (adding several meta tags)
77995bf - 4 new fingerprint headers
bca9558 - The parsing of the '-ua' parameter is more robust and reliable
365e5d3 - Extract the logic of the User-Agent to its own function
e29a199 - 2 new insecure checks (NEL)
c29cbb2 - New insecure check (Content-Security-Policy: Unsafe Directive)
08ffde1 - Basic examples of use in the help epilogue

Minor

a89ae75 - Code optimizations
f9baf00 - Improve PDF readability
6479597 - Better wording related to the name of this tool
7f9fdf3 - Improved steps for SSL/TLS scanning in Windows
cffa4bd - l10n fixes
38b9a26 - Improved readability when exporting to HTML and PDF
6d0ec3d - Code optimization
107deb6 - Code optimizations
42a5efc - Code optimizations
4f9eca6 - Optimize retrieval and display the epilogue in help
44dd94c - Code optimizations (Analysis results and unsafe scheme)
e6ab14e - Update browser compatibility for enabled HTTP security headers
e72f712 - Simplified 'check_humble_updates' function
ee4dcfb - Improved fingerprint statistics functions
6f2af09 - Updated guidelines for enabling security HTTP response headers

1.33

19 Jan 20:37

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "Slow Blues Improvisation", performed by Luca Sestak.

From this Release onwards I will not indicate in these notes the modifications of the README file/screenshots: they are not usually changes of relevance or that affect the use of the tool.

Thank you for downloading it, for trying it and for your time!

Security

d8e53e4 - Attempt to block Path traversal (first iteration!)

Fixes

e0d0610 - Module 'urllib3.util.ssl_' has no attribute 'DEFAULT_CIPHERS'

Features

71aea0c - Show, in the global statistics, the best and worst results
d230572 - 12 new fingerprint headers
10a4479 - 29 new fingerprint headers
a4b5cb4 - 6 new fingerprint headers
afa3bb2 - Show the version of this tool in the analysis
b2a0e14 - New parameter ('-ua'); customized User-Agent!
e689f54 - 10 new fingerprint headers
e6b1c01 - 1 new fingerprint header & updated README

Minor

ff1ec05 - Improve Deprecated/Insecure Checks
57834ce - Code optimizations
8c8b734 - Code Optimizations and updated README
e50430f - Code optimizations
4b1df87 - Update 'Permissions-Policy' deprecated features
522b9ec - Code optimizations
ef030ec - Optimize get_user_agent function
2246031 - Code optimizations
cb59826 - Code optimizations

1.32

22 Dec 16:30

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "Highway 61 Revisited (Live in California - September 1975)", performed by Johnny Winter.

Thank you for downloading it, for trying it and for your time!

Features

4cd9c75 - Facilitating SSL/TLS analysis on Windows
2df2718 - New insecure check (Set-Cookie: Cookie Prefixes)
10cc7d3 - Updated 'Accept-CH' deprecated values
14191d0 - 1 new fingerprint header
bd589ed - New insecure check (Origin-Agent-Cluster: No Valid Directives)
bd044d6 - New insecure check (Proxy-Authenticate: Unsafe Value)
8980aab - 5 new fingerprint headers
aa9d3f0 - '-op' parameter (the PATH where the analysis will be exported)
f8bd50a - 2 new fingerprint headers
ef38fa9 - Check write permissions on OUTPUT_PATH
4a72289 - 30 new fingerprint headers
f47c25a - CSV export (brief analysis, for now!)
9f9cca5 - Optimize CSV export
7de7baa - 1 new fingerprint header

Fixes

7d4282c - Trailer's directive names
940b7c4 - Fingerprint headers not having proper CSS (Brief analysis & HTML)
fb17d1b - HTML export (do not add unnecessary spans)
4e34b0a - Include correct date when exporting to CSV

Minor

55d23fe - README updated
816ad65 - (Take a look at extended commit message)
99b873d - Optimizing code and improving variables/functions names
40a01ce - PDF export on Windows
291bfba - (Take a look at extended commit message)
cbefdf1 - l10n (improving the description of strings)
9a21911 - README updated
59a64c4 - Improved function names
99c51ec - README updated
a649d76 - README updated
98b261a - README updated
af10e4d - PDF export (logic extracted to functions)
9a5dae0 - l10n (improving the description of strings)
89557d6 - README updated
227dc2d - Optimize CSV export
6550382 - Screenshots updated
a8a48ee - README updated
8d2c3e8 - Update of the list of insecure HTTP headers.
f216451 - Update of the list of Browser Compatibility for Enabled Headers

1.31

30 Nov 18:40

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "Fuera de lugar", performed by Revólver.

Thank you for downloading it, for trying it and for your time!

Security

4e1c4dc - Avoid using 'shell=true' in subprocess module

Features

51588d2 - Improve JSON generation. Now it also accepts '-r' parameter
9254872 - New insecure check
8fc341f - Improve HTML generation
81e542d - Improve HTML generation
501402d - TLS/SSL checks!
511d7fe - Improve SSL/TLS checks
8b3d249 - 2 new fingerprint headers
d63ea0e - 1 new fingerprint header (keep reading, milestone!)
1c3c3dc - New insecure check (X-XSS-Protection: Deprecated Header)
487754c - 4 new fingerprint headers
6362ce6 - Add more headers to section 5 (Browser Compatibility)
3698b8f - AI approval!
487745e - Attempting to mitigate command injection vulnerabilities
92664d1 - '-df' parameter (do not follow redirects) and more!
4bf057b - The export filename will now contain the port (if specified)
0bcc555 - New insecure check (SourceMap: Unsafe Functionality)
0687842 - New insecure check (Surrogate-Control: No Valid Directives)

Fixes

64c4c85 - Fingerprint statistics
bf288d2 - Output if target not available

Minor

381a0f6 - Updated Samples and Screenshots
4f3abe7 - Improve some files regarding github repo and license
89efb03 - Finish improving some files related to github repo and licensing
15d3f2d - README updated
1c582a9 - README updated
08c6f7f - HTML generation optimized
ad4ba2d - HTML generation optimized
cd35be6 - Updated README
6a71734 - README and screenshot updated
7acf215 - Optimize code and l10n more messages
16b56f5 - README updated
304655c - LICENSE and README updated
1b35fd1 - Improve guides output
07716e1 - README updated
7822185 - Optimize export analysis code
4e97012 - Improve TLS/SSL checks
f6df0e1 - Improve TLS/SSL checks
fe0ff31 - README and screenshot updated & TLS/SSL checks improved
a6bb71c - README updated
66ee22d - README updated
027ce03 - README updated
5709b58 - README updated
57f9dea - README updated
9558bc6 - Check if testssl.sh PATH exists

1.30

08 Nov 18:01

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "Little Wing", performed by Jimi Hendrix.

Thank you for downloading it, for trying it and for your time!

Features

6b03a3c - JSON output
f90ad90 - Improved JSON generation
157c898 - 1 new fingerprint header
989a104 - Optimize JSON export
57a9125 - Warn in unreliable analysis
1bef54c - New missing check (X-Permitted-Cross-Domain-Policies)

Fixes

42eea1f - Fallback to 'Null' instead of throwing an error

Minor

0e7e60e - README updated.
bc0f474 - Optimize code
14c1b82 - README updated with JSON sample & screenshot
6e2cc21 - README updated
1982e60 - README updated
d1cd5b0 - README updated
a598570 - README updated
94cf192 - README updated
c9ee2b9 - CONTRIBUTING updated
214670e - CONTRIBUTING updated
8cbd55a - SECURITY updated
f4a1c58 - Including necessary clarifications and explanations
9987612 - README updated
d392efe - README updated (let's use Flake8!)
1cea83c - README updated
343146d - README updated
1e2d6e2 - Improvement of unreliable analysis messages

1.29

14 Oct 17:02

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "The Chain (Live on KEXP)", performed by Reignwolf.

Thank you for downloading it, for trying it and for your time!

Features

e6e8de0 - Improved broad and insecure CSP source checks
acb95a2 - 18 new fingerprint headers
6b76c44 - 3 new fingerprint headers
2f8fb99 - 2 new fingerprint headers
8718597 - New insecure check (Accept-CH: Deprecated Value)
0b7b99e - 7 new fingerprint headers
a2e721f - Improvement in case of 5xx errors
f71d02a - Improvement in case of 4xx errors
4d866e1 - Improvement in case of 4xx errors
42c0ead - Improvement in case of 5xx errors

Fixes

b2afb70 - Output of '-a' parameter.
570ccde - 'csp_check_values' function.
1c99b73 - Improve regional check
4e5533d - PDF footer spacing
8cbb444 - Correctly highlighting two response headers in the HTML report

Minor

86d9d98 - Updated README.
c783452 - Optimize two functions
c0d7fa2 - Optimize 'fng_analytics_sorted' function.
9ae4f33 - Keep improving 'csp_check_values' function.
0c3748a - README updated
fb21217 - Optimize 'csp_check_values' function
e8de9b8 - README updated
da67f3d - README updated
3ba9ac1 - README updated
4417e32 - better wording regarding fingerprint headers
142f45d - Code optimizations
b964782 - Optimize request_exceptions function
37efd1e - Code simplification

1.28

02 Sep 18:06

These are the release notes of the latest version of humble; and, as it could not be otherwise, along with a recommendation that I hope will be to your liking: "Guilty", performed by Beth Hart.

Thank you for downloading it, for trying it and for your time!

Features

0b7fb00 - 6 new fingerprint headers
631376a - 17 new fingerprint headers
18c855b - 3 new insecure checks
c394a87 - New insecure check (Expires: Ignored Header)
e684f03 - New insecure check (Keep-Alive: Ignored Header)
57048cc - 3 new fingerprint headers
e502685 - Aligned global statistics results by fingerprint group
c4ef029 - 2 new fingerprint headers
27d733a - optimize fng_analytics function
8e9b85e - New insecure check (Transfer-Encoding: No Valid Directives)
c483204 - optimize fng_analytics_global_print function
766bd36 - First iteration to review the values of each header directive
8fd6d5f - 1 new fingerprint header and a minor fix
d5c57be - New insecure check (Strict-Dynamic: Incorrect Header)
af9c7f0 - 6 new fingerprint headers
5c0f983 - Improve 'Content-Security-Policy: Too Permissive Sources' check

Minor

b316ff6 - Clean and update 'Permissions-Policy' directives list
4a018b0 - Updated 'Clear-Site-Data' directives
9e0a348 - Screenshot updated
c819634 - New example of advanced use of the tool
187fdb4 - Fix TOC, for real!
6e202f4 - Fix README
c9142cb - Improved the output of the '-g' parameter (reference guides).
eb84e95 - improved 'unsafe-hashes' reference
d25baad - Added two CSP references
95e1195 - extract the regex to a constant
3040e05 - remove trailing spaces
dbe97b7 - code optimizations
4da97a1 - Screenshots updated
a46ca08 - Fix regarding 'Content-Type' header output