Web Security Audit geliştiren: Francesco De Stefano
Passively audits the security posture on current page
71 kullanıcı71 kullanıcı
Bu uzantıyı kullanmak için Firefox’a ihtiyacınız var
Uzantı meta verileri
Ekran görüntüleri
Bu uzantı hakkında
The goal of this project is to build an add-on for browser that passively audits the security posture of the websites that the user is visiting. Assume that the tool is to be used on non-malicious websites, currently not under attack or compromised. Add-on wants to report security misconfigurations, or failure to use best security practices.
- Add-on tries to analysis the commonly vulnerable setting of servers: lack of use of security-relevant headers, including:
- strict-transport-security
- x-xss-protection
- content-security-policy
- x-frame-options
- x-content-type-options
- It doesn't to interfere with the functioning of the visited website.
- It doesn't tamper with request parameters, or issue requests that were not initiated by the user (it is not active scanning).
- Incrementally generate a report in a separate window.
- Each report entry have a numeric score to indicate approximately its severity, as a way to prioritise further investigation by a human analyst [Common Vulnerability Scoring System](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
### Limitations
- Add-on only works on sites that allow content scripts.
- Add-on tries to analysis the commonly vulnerable setting of servers: lack of use of security-relevant headers, including:
- strict-transport-security
- x-xss-protection
- content-security-policy
- x-frame-options
- x-content-type-options
- It doesn't to interfere with the functioning of the visited website.
- It doesn't tamper with request parameters, or issue requests that were not initiated by the user (it is not active scanning).
- Incrementally generate a report in a separate window.
- Each report entry have a numeric score to indicate approximately its severity, as a way to prioritise further investigation by a human analyst [Common Vulnerability Scoring System](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
### Limitations
- Add-on only works on sites that allow content scripts.
5 inceleyiciden 5 puan aldı
İzinler ve verilerDaha fazla bilgi al
Gerekli izinler:
- Tüm web sitelerine ait verilerinize erişme
Daha fazla bilgi
- Eklenti bağlantıları
- Sürüm
- 1.0
- Boyut
- 24,75 KB
- Son güncelleme
- 5 yıl önce (13 Şub 2020)
- İlgili kategoriler
- Lisans
- Mozilla Kamu Lisansı 2.0
- Sürüm geçmişi
- Koleksiyona ekle
Bu geliştiriciyi destekleyin
Bu uzantının geliştiricisi, küçük bir bağışta bulunarak gelişimin devamı için katkıda bulunmanızı rica ediyor.
Francesco De Stefano tarafından geliştirilen diğer uzantılar
Henüz hiç puan yok- Henüz hiç puan yok
- Henüz hiç puan yok
- Henüz hiç puan yok
- Henüz hiç puan yok
- Henüz hiç puan yok