登录
Hacksudo-CSP Headers Checker 预览

Hacksudo-CSP Headers Checker 作者: Hacksudo

Hacksudo: Checks Content Security Policy (CSP) and common security headers, highlighting missing or weak configurations based on OWASP best practices.

实验性
5(1 条评价)
3 个用户
下载 Firefox 并安装扩展
下载文件
关于此扩展
🔐 Hacksudo CSP & Security Headers Checker

Hacksudo CSP & Security Headers Checker is a lightweight security auditing extension designed for developers, security engineers, and penetration testers.

It analyzes the active webpage and reports:

🛡 Content Security Policy (CSP)
  • Detects CSP header and meta CSP
  • Lists configured directives
  • Highlights missing critical directives:
  • default-src
  • script-src
  • object-src
  • base-uri
  • frame-ancestors
  • Flags weak configurations such as:
  • unsafe-inline
  • unsafe-eval
  • Wildcard (*) usage
  • Missing clickjacking protection

🔎 Security Headers Analysis

The extension checks for modern security headers commonly recommended by OWASP:
  • Content-Security-Policy
  • Strict-Transport-Security (HSTS)
  • X-Frame-Options
  • X-Content-Type-Options
  • Referrer-Policy
  • Permissions-Policy
  • Cross-Origin-Opener-Policy (COOP)
  • Cross-Origin-Embedder-Policy (COEP)
  • Cross-Origin-Resource-Policy (CORP)

Each header is categorized as:
  • ✅ Set
  • ⚠ Missing
  • 🔴 Weak configuration

🎯 Use Cases
  • Web application security testing
  • VAPT assessments
  • Quick client-side header verification
  • Secure development validation
  • Learning CSP and browser hardening

🔐 Privacy & Data Collection

This extension does not collect, store, or transmit any user data.
All analysis is performed locally in the browser.
评分 5(1 位用户)

已保存星级评分

5
1
4
0
3
0
2
0
1
0
权限与数据

必要权限:

  • 获取浏览器标签页
  • 访问您在所有网站的数据

收集的数据:

  • 开发者称此扩展无需收集数据。
详细了解
更多信息
版本
3.0
大小
17.96 KB
上次更新
3 个月前 (2026年2月12日)
版本历史
标签
添加到收藏集
举报此附加组件