OneForAll是一款功能强大的子域收集工具

Manages application of security headers with many safe defaults

An unsecure by-design PWA that students can analyse with a suite of tools and support to build their understanding of web-based secure software architecture.

Collection of scripts, thoughts about CSP (Content Security Policy)

Check any website (or set of websites) for insecure security headers.

Manage and create Content Security Policies more easily.

Discover new target domains using Content Security Policy

PHP Secure Headers

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

A Burp Plugin for Detecting Weaknesses in Content Security Policies

Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

A CSP collector written in Golang

Strict CSP (Content-Security-Policy) for Next.js hybrid apps https://web.dev/strict-csp/

A PHP library aiming to make the use of browser security features more accessible.

Websites monitoring via GitHub Actions/API (expiration, security, performances, privacy, SEO)

A lightweight method to turn JavaScript on and off in multiple platforms (Firefox and Chromimum)

A Gatsby plugin which adds strict Content Security Policy to your project.

A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

Analyze Content-Security-Policy header of a given URL.

Content security policy manager for Umbraco