Python command line utility to determine whether a site supports HSTS.

example.txt

<monalisa: ~> $ has_hsts.py duckduckgo.com google.com search.google.com conformal.com yahoo.com lobste.rs news.ycombinator.com reddit.com
[+] checking whether duckduckgo.com supports HSTS... no
[+] checking whether google.com supports HSTS... no
[+] checking whether search.google.com supports HSTS... no
[+] checking whether conformal.com supports HSTS... yes
[+] checking whether yahoo.com supports HSTS... no
[+] checking whether lobste.rs supports HSTS... yes
[+] checking whether news.ycombinator.com supports HSTS... no
[+] checking whether reddit.com supports HSTS... doesn't have SSL working properly (hostname 'reddit.com' doesn't match either of 'a248.e.akamai.net', '*.akamaihd.net', '*.akamaihd-staging.net')

has_hsts.py

#!/usr/bin/env python
"""
Determine whether a website supports HSTS.
"""

import requests
import sys


def has_hsts(site):
    """
    Connect to target site and check its headers."
    """
    try:
        req = requests.get('https://' + site)
    except requests.exceptions.SSLError as error:
        print "doesn't have SSL working properly (%s)" % (error, )
        return False
    if 'strict-transport-security' in req.headers:
        print "yes"
        return True
    else:
        print "no"
        return False


def main(site):
    """
    Main functionality.
    """
    print '[+] checking whether %s supports HSTS...' % (site, ),
    return has_hsts(site)


if __name__ == '__main__':
    if len(sys.argv) < 2:
        print 'usage: %s [domains to check]' % (sys.argv[1], )
        exit(1)

    for domain in sys.argv[1:]:
        main(domain)

    exit(0)