This plugin provides a readable view of CSP Headers in the Response Tab, passive scan rules to detect weak CSP configuration, and a CSP configuration generator based on the Burp crawler or manual browsing. The project is packaged as a ZAP and Burp plugin. For more context around Content-Security-Policy and how to apply it to your website, see their blog posts on the topic: [Building a Content Security Policy Configuration with CSP Auditor](http://gosecure.net/2017/07/20/building-a-content-security-policy-configuration-with-csp-auditor) and [Auditing CSP Headers with Burp and ZAP](https://gosecure.net/2016/06/28/auditing-csp-headers-with-burp-and-zap/)
Common questions about CSP Auditor including features, pricing, alternatives, and user reviews.
CSP Auditor is A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers. It is a Application Security solution designed to help security teams with Content Security Policy.
CSP Auditor is a free Application Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/GoSecure/csp-auditor/ for download and installation instructions.
Popular alternatives to CSP Auditor include:
Compare all CSP Auditor alternatives at https://cybersectools.com/alternatives/csp-auditor
CSP Auditor is for security teams and organizations that need Content Security Policy. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Application Security tools can be found at https://cybersectools.com/categories/application-security
Head-to-head feature, pricing, and rating breakdowns.
Managed web app security scanning service covering OWASP Top 10 vulnerabilities
AI-enhanced web app vulnerability scanner with zero false-positive SLA
DAST platform for API and web app security testing with business logic focus
DAST platform for web app & API vulnerability scanning with AI-enabled features