神刀安全网

csp-auditor Burp and ZAP plugin to analyse Content-Security-Policy headers or generate temp…

CSP Auditor

This plugin provides:

  • a readable view of CSP Headers in Response Tab
  • passive scan rules to detect weak CSP configuration
  • a CSP configuration generator based on the Burp crawler or using manual browsing

This project is packaged as a ZAP and Burp plugin.

Download

Last updated : July 20th 2017

Screenshots

csp-auditor Burp and ZAP plugin to analyse Content-Security-Policy headers or generate temp...

Building the plugin

Type the following command:

./gradlew build

or if you have already Gradle installed on your machine:

gradle build

Read more

For more context around Content-Security-Policy and how to apply it to your website see our blog posts on the topic:

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » csp-auditor Burp and ZAP plugin to analyse Content-Security-Policy headers or generate temp…

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址