Skip to content

GoSecure/csp-auditor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

47 Commits

csp-auditor-burp-plugin

csp-auditor-burp-plugin

 
 

csp-auditor-core

csp-auditor-core

 
 

csp-auditor-zap-plugin

csp-auditor-zap-plugin

 
 

downloads

downloads

 
 

gradle/wrapper

gradle/wrapper

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

BappDescription.html

BappDescription.html

 
 

BappManifest.bmf

BappManifest.bmf

 
 

README.md

README.md

 
 

build.gradle

build.gradle

 
 

demo.gif

demo.gif

 
 

demo2.gif

demo2.gif

 
 

gradlew

gradlew

 
 

gradlew.bat

gradlew.bat

 
 

settings.gradle

settings.gradle

 
 

Repository files navigation

CSP Auditor Build Status

This plugin provides:

  • a readable view of CSP Headers in Response Tab
  • passive scan rules to detect weak CSP configuration
  • a CSP configuration generator based on the Burp crawler or using manual browsing

This project is packaged as a ZAP and Burp plugin.

Download

Last updated : August 3th 2017

Screenshots

Passive rules and custom tab:

CSP Auditor Burp Plugin

Configuration builder:

CSP Auditor Burp Plugin

Building the plugin

Type the following command:

./gradlew build

or if you have already Gradle installed on your machine:

gradle build

Read more

For more context around Content-Security-Policy and how to apply it to your website see our blog posts on the topic:

About

Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website

Topics

http security csp zap burp hacktoberfest burp-plugin zap-plugin

Resources

Readme
Activity
Custom properties

Stars

136 stars

Watchers

12 watching

Forks

34 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 6

Languages