Skip to content
/ csp-evaluator-burp Public

Jython (Burp extension) implementation of Google's csp-evaluator project

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TheArqsz/csp-evaluator-burp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
images
images
 
 
CSPEvaluatorBurp.py
CSPEvaluatorBurp.py
 
 
README.md
README.md
 
 

Repository files navigation

CSP Evaluator for Burp

Burp extension (jython) based on csp-evaluator project from Google. All credits for basic evaluator logic go to the creators of this project.

How to install?

  1. Clone this project with git
  2. Go to the Extensions tab in Burp Suite
  3. Click add and select Python
  4. Find the CSPEvaluatorBurp.py file locally and load it by selecting the mark next to the name of the extension
  5. Wait for it to load and have fun

How does it work?

There are two implementations of this project:

  • active scanning
  • passive scanning

Issues are found automatically in the background when you search the web via built-in chromium browser and during active scanning. New entries will pop-up in issues tab in the Dashboard.

Issue tab in Burp's Dashboard with an example passive scan on mozilla.org

About

Jython (Burp extension) implementation of Google's csp-evaluator project

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages