Hacksudo-CSP Headers Checker von Hacksudo

🔐 Hacksudo CSP & Security Headers Checker

Hacksudo CSP & Security Headers Checker is a lightweight security auditing extension designed for developers, security engineers, and penetration testers.

It analyzes the active webpage and reports:

🛡 Content Security Policy (CSP)

• Detects CSP header and meta CSP
• Lists configured directives
• Highlights missing critical directives:
• default-src
• script-src
• object-src
• base-uri
• frame-ancestors
• Flags weak configurations such as:
• unsafe-inline
• unsafe-eval
• Wildcard (*) usage
• Missing clickjacking protection

🔎 Security Headers Analysis

The extension checks for modern security headers commonly recommended by OWASP:

• Content-Security-Policy
• Strict-Transport-Security (HSTS)
• X-Frame-Options
• X-Content-Type-Options
• Referrer-Policy
• Permissions-Policy
• Cross-Origin-Opener-Policy (COOP)
• Cross-Origin-Embedder-Policy (COEP)
• Cross-Origin-Resource-Policy (CORP)

Each header is categorized as:

• ✅ Set
• ⚠ Missing
• 🔴 Weak configuration

🎯 Use Cases

• Web application security testing
• VAPT assessments
• Quick client-side header verification
• Secure development validation
• Learning CSP and browser hardening

🔐 Privacy & Data Collection

This extension does not collect, store, or transmit any user data.
All analysis is performed locally in the browser.