hauditor

Analyze the security headers returned by a web page and report dangerous configurations.
#cors   #headers   #http   #xss  

Features:
- Security Header Evaluation: Examines the presence and values of identified security headers.
- Overall Configuration Analysis: Performs a comprehensive evaluation of the headers before flagging potentially risky configurations.
- Content-Security-Policy Directive Analysis: Analyzes CSP directives with a focus on configurations that may allow XSS attacks.
- WAF Bypass: Makes basic adjustments to the request to avoid potential blocking by WAFs.
- Multiple Target Analysis: Analyzes security headers across multiple pages and domains.