csp-auditor
Security auditor
Analyzes and configures website security policies to prevent malicious scripts from running on user devices.
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate a template CSP configuration by crawling a website
138 stars
12 watching
34 forks
Language: Java
last commit: over 4 years ago
Linked from 1 awesome list
Tags: burp, burp-plugin, csp, hacktoberfest, http, security, zap, zap-plugin
Related projects:
Repository | Description | Stars |
---|---|---|
moloch--/csp-bypass | Detects vulnerabilities in Content Security Policies | 163 |
malerisch/burp-csj | An extension for Burp Pro that integrates Crawljax and Selenium with JUnit for web application security testing and crawling. | 33 |
contrast-security-oss/burptrast | Automates vulnerability assessment and endpoint discovery for web applications using Contrast Security's Teamserver API. | 16 |
secdec/attack-surface-detector-burp | Identifies web app endpoints and parameters to help detect vulnerabilities | 98 |
gosecure/burp-fuzzy-encoding-generator | Tools to test various encoding options in Burp Intruder attacks | 6 |
zigoo0/jsonbee | Automated tool to discover and generate bypass payloads for Content Security Policy (CSP) restrictions on web pages | 676 |
w3c/webappsec-csp | A specification and implementation of the Content Security Policy (CSP) standard to secure web applications | 210 |
seisvelas/san-scanner | An extension for Burp Suite that helps discover Subject Alt Names in SSL certificates | 3 |
gand3lf/semgrepper | An extension to Burp Suite that integrates Semgrep for vulnerability scanning and analysis | 88 |
debasishm89/burpy | A tool that analyzes web application security by parsing Burp Suite logs and generating reports. | 120 |
boostsecurityio/poutine | Detects misconfigurations and vulnerabilities in software supply chains during build pipelines. | 239 |
peachtech/peachapisec-burp | Integration between Burp and Peach API Security for automated security testing of web APIs. | 2 |
unstppbl/gowap | Analyzes web pages to extract technologies and metadata | 193 |
govtech-csg/autowasp | A tool to automate web security testing and logging using Burp Suite | 75 |
zimmski/go-mutesting | A tool to detect untested parts of source code by introducing small changes and testing the resulting behavior. | 650 |