csp-auditor

Security auditor

Analyzes and configures website security policies to prevent malicious scripts from running on user devices.

Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website

GitHub

138 stars
12 watching
34 forks
Language: Java
last commit: over 4 years ago
Linked from 1 awesome list

burpburp-plugincsphacktoberfesthttpsecurityzapzap-plugin

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
moloch--/csp-bypass Detects vulnerabilities in Content Security Policies 163
malerisch/burp-csj An extension for Burp Pro that integrates Crawljax and Selenium with JUnit for web application security testing and crawling. 33
contrast-security-oss/burptrast Automates vulnerability assessment and endpoint discovery for web applications using Contrast Security's Teamserver API. 16
secdec/attack-surface-detector-burp Identifies web app endpoints and parameters to help detect vulnerabilities 98
gosecure/burp-fuzzy-encoding-generator Tools to test various encoding options in Burp Intruder attacks 6
zigoo0/jsonbee Automated tool to discover and generate bypass payloads for Content Security Policy (CSP) restrictions on web pages 676
w3c/webappsec-csp A specification and implementation of the Content Security Policy (CSP) standard to secure web applications 210
seisvelas/san-scanner An extension for Burp Suite that helps discover Subject Alt Names in SSL certificates 3
gand3lf/semgrepper An extension to Burp Suite that integrates Semgrep for vulnerability scanning and analysis 88
debasishm89/burpy A tool that analyzes web application security by parsing Burp Suite logs and generating reports. 120
boostsecurityio/poutine Detects misconfigurations and vulnerabilities in software supply chains during build pipelines. 239
peachtech/peachapisec-burp Integration between Burp and Peach API Security for automated security testing of web APIs. 2
unstppbl/gowap Analyzes web pages to extract technologies and metadata 193
govtech-csg/autowasp A tool to automate web security testing and logging using Burp Suite 75
zimmski/go-mutesting A tool to detect untested parts of source code by introducing small changes and testing the resulting behavior. 650