Cspparse | A Tool To Evaluate Content Security Policies

image

Description

cspparse is a tool to evaluate Content Security Policies. It uses Google’s API to retrieve the CSP Headers and returns them in ReconJSON format. Not only does it check for headers with Google’s API, it also parses the target site’s HTML to look for any CSP rules that are specified in the <meta> tag

Installation

Install Command and Download Source With Go Get

cspparse command will be installed to $GOPATH/bin and the source code (from https://github.com/lc/cspparse) will be found in $GOPATH/src/github.com/lc/cspparse with:

~ ❯ go get -u github.com/lc/cspparse

Install from Source

~ ❯ git clone https://github.com/lc/cspparse ~ ❯ cd cspparse ~ ❯ go build

Usage

~ ❯ cspparse <domain / url>

Example

~ ❯ cspparse https://www.facebook.com

Docker

~ > docker build -t cspparse .

Run

~ > docker run --rm -t cspparse <domain / url>

GitHub:

2 Likes