Hacksudo-CSP Headers Checker por Hacksudo

Hacksudo: Checks Content Security Policy (CSP) and common security headers, highlighting missing or weak configurations based on OWASP best practices.

Experimental

5 (1 avaliação)

2 usuários

Baixe o Firefox e instale a extensão

Baixar arquivo

Sobre esta extensão

🔐 Hacksudo CSP & Security Headers Checker

Hacksudo CSP & Security Headers Checker is a lightweight security auditing extension designed for developers, security engineers, and penetration testers.

It analyzes the active webpage and reports:

🛡 Content Security Policy (CSP)

Detects CSP header and meta CSP
Lists configured directives
Highlights missing critical directives:
default-src
script-src
object-src
base-uri
frame-ancestors
Flags weak configurations such as:
unsafe-inline
unsafe-eval
Wildcard (*) usage
Missing clickjacking protection

🔎 Security Headers Analysis

The extension checks for modern security headers commonly recommended by OWASP:

Content-Security-Policy
Strict-Transport-Security (HSTS)
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy
Cross-Origin-Opener-Policy (COOP)
Cross-Origin-Embedder-Policy (COEP)
Cross-Origin-Resource-Policy (CORP)

Each header is categorized as:

✅ Set
⚠ Missing
🔴 Weak configuration

🎯 Use Cases

Web application security testing
VAPT assessments
Quick client-side header verification
Secure development validation
Learning CSP and browser hardening

🔐 Privacy & Data Collection

This extension does not collect, store, or transmit any user data.
All analysis is performed locally in the browser.

Avaliado em 5 por 1 revisor

Hacksudo-CSP Headers Checker por Hacksudo

Permissões necessárias:

Coleta de dados: