cSPY - SecurityHeader Scanner από VaultOcean
Advanced security header scanner with CSP analysis, multi-engine scoring, actionable recommendations, and PDF report export. Zero external requests — all analysis runs locally.
48 χρήστες48 χρήστες
Μεταδεδομένα επέκτασης
Σχετικά με την επέκταση
CSPy is a professional-grade browser extension that audits HTTP security headers in real time. Built for developers, penetration testers, and security researchers.
WHAT IT DOES
• Scans every HTTP response header on any website
• Deep Content-Security-Policy (CSP) directive-by-directive analysis
• Detects missing, weak, or misconfigured headers (HSTS, X-Frame-Options, CORS, Referrer-Policy, Permissions-Policy, COOP, COEP, CORP, cookies)
• Grades security posture from A+ to F with a 0–100 score
MULTI-ENGINE CONSENSUS
• Three independent scoring engines: CSPy, Google CSP Evaluator, and Mozilla Observatory
• Cross-validates results — when engines agree, confidence is high
ACTIONABLE RECOMMENDATIONS
• Every finding includes a plain-English fix
• Copy-paste server configurations for nginx, Apache, Express, Django, Cloudflare Workers, and Vercel
• Prioritised by severity — fix what matters first
EXPORT & REPORTING
• Professional PDF report with cover page, executive summary, recommendations, and raw headers
• HTML, JSON, and Markdown (bug bounty) export formats
• Ready for stakeholder presentations or HackerOne/Bugcrowd submissions
ADDITIONAL TOOLS
• Auto-generate a working CSP from observed network traffic
• Infrastructure fingerprinting (CDN, WAF, hosting, framework detection)
• DOM audit (missing SRI, mixed content, unsafe iframes)
• Per-request security grading for all sub-resources
PRIVACY
• Zero external network requests — all analysis runs entirely in your browser
• No data collection, no telemetry, no accounts
• Open-source analysis engine
Built by VaultOcean — https://vaultocean.com
WHAT IT DOES
• Scans every HTTP response header on any website
• Deep Content-Security-Policy (CSP) directive-by-directive analysis
• Detects missing, weak, or misconfigured headers (HSTS, X-Frame-Options, CORS, Referrer-Policy, Permissions-Policy, COOP, COEP, CORP, cookies)
• Grades security posture from A+ to F with a 0–100 score
MULTI-ENGINE CONSENSUS
• Three independent scoring engines: CSPy, Google CSP Evaluator, and Mozilla Observatory
• Cross-validates results — when engines agree, confidence is high
ACTIONABLE RECOMMENDATIONS
• Every finding includes a plain-English fix
• Copy-paste server configurations for nginx, Apache, Express, Django, Cloudflare Workers, and Vercel
• Prioritised by severity — fix what matters first
EXPORT & REPORTING
• Professional PDF report with cover page, executive summary, recommendations, and raw headers
• HTML, JSON, and Markdown (bug bounty) export formats
• Ready for stakeholder presentations or HackerOne/Bugcrowd submissions
ADDITIONAL TOOLS
• Auto-generate a working CSP from observed network traffic
• Infrastructure fingerprinting (CDN, WAF, hosting, framework detection)
• DOM audit (missing SRI, mixed content, unsafe iframes)
• Per-request security grading for all sub-resources
PRIVACY
• Zero external network requests — all analysis runs entirely in your browser
• No data collection, no telemetry, no accounts
• Open-source analysis engine
Built by VaultOcean — https://vaultocean.com
Βαθμολογήθηκε με 5 από έναν αξιολογητή
Δικαιώματα και δεδομένα
Απαιτούμενα δικαιώματα:
- Κάνει λήψη αρχείων και ανάγνωση/τροποποίηση ιστορικού λήψεων του προγράμματος περιήγησης
- Κάνει εμφάνιση ειδοποιήσεων σε εσάς
- Έχει πρόσβαση στις καρτέλες περιήγησης
- Έχει πρόσβαση στα δεδομένα σας για κάθε ιστότοπο
Προαιρετικά δικαιώματα:
- Έχει πρόσβαση στα δεδομένα σας για κάθε ιστότοπο
Συλλογή δεδομένων:
- Ο δημιουργός δηλώνει ότι αυτή η επέκταση δεν απαιτεί συλλογή δεδομένων.
Περισσότερες πληροφορίες
- Σύνδεσμοι προσθέτου
- Έκδοση
- 2.0.0
- Μέγεθος
- 135,47 KB
- Τελευταία ενημέρωση
- μία μέρα πριν (5 Ιουν 2026)
- Σχετικές κατηγορίες
- Άδεια
- Άδεια MIT
- Πολιτική απορρήτου
- Διαβάστε την πολιτική απορρήτου του προσθέτου
- Ιστορικό εκδόσεων
- Προσθήκη σε συλλογή