csp-auditor
Security auditor
Analyzes and configures website security policies to prevent malicious scripts from running on user devices.
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
138 stars
12 watching
34 forks
Language: Java
last commit: almost 5 years ago
Linked from 1 awesome list
burpburp-plugincsphacktoberfesthttpsecurityzapzap-plugin
infoslack/awesome-web-hackingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 moloch--/csp-bypass | Detects vulnerabilities in Content Security Policies | 163 |
 malerisch/burp-csj | An extension for Burp Pro that integrates Crawljax and Selenium with JUnit for web application security testing and crawling. | 33 |
 contrast-security-oss/burptrast | Automates vulnerability assessment and endpoint discovery for web applications using Contrast Security's Teamserver API. | 16 |
 secdec/attack-surface-detector-burp | Identifies web app endpoints and parameters to help detect vulnerabilities | 98 |
| gosecure/burp-fuzzy-encoding-generator | Tools to test various encoding options in Burp Intruder attacks | 6 |
 zigoo0/jsonbee | Automated tool to discover and generate bypass payloads for Content Security Policy (CSP) restrictions on web pages | 678 |
 w3c/webappsec-csp | A specification and implementation of the Content Security Policy (CSP) standard to secure web applications | 210 |
 seisvelas/san-scanner | An extension for Burp Suite that helps discover Subject Alt Names in SSL certificates | 3 |
 gand3lf/semgrepper | An extension to Burp Suite that integrates Semgrep for vulnerability scanning and analysis | 88 |
 debasishm89/burpy | A tool that analyzes web application security by parsing Burp Suite logs and generating reports. | 120 |
 boostsecurityio/poutine | Detects misconfigurations and vulnerabilities in software supply chains during build pipelines. | 239 |
 peachtech/peachapisec-burp | A tool for integrating automated security testing with web API analysis in Burp Suite | 2 |
 unstppbl/gowap | Analyzes web pages to extract technologies and metadata | 193 |
 govtech-csg/autowasp | A tool to automate web security testing and logging using Burp Suite | 75 |
 zimmski/go-mutesting | A tool to detect untested parts of source code by introducing small changes and testing the resulting behavior. | 650 |