nico3333fr / CSP-useful
Collection of scripts, thoughts about CSP (Content Security Policy)
☆486Updated 2 months ago
Related projects: ⓘ
- ☆186Updated last year
- Mozilla Observatory (Website)☆306Updated 2 months ago
- Scan your HTTPS-enabled website for Mixed Content☆522Updated 4 years ago
- Ciplerli.st - strong ciphers for NGINX, Apache and Lighttpd☆315Updated 4 years ago
- Create a Content-Security-Policy for a website based on the statically detectable relations☆75Updated 5 months ago
- A proposed standard that allows websites to define security policies.☆1,780Updated last year
- Scan domains and return data based on HTTPS best practices☆669Updated last month
- An observatory for TLS configurations, X509 certificates, and more.☆528Updated 2 months ago
- INACTIVE - SRI Hash Generator☆148Updated 5 months ago
- Mozilla SSL Configuration Generator☆359Updated 3 months ago
- ☆388Updated this week
- Prevent reverse tabnabbing phishing attacks caused by _blank☆140Updated 5 years ago
- ☆321Updated 2 months ago
- A weekly selection of the relevant Chromium and Firefox intents☆271Updated this week
- Web Application Security Working Group repo☆606Updated this week
- WebAppSec Content Security Policy☆207Updated last week
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆228Updated 2 weeks ago
- Tracks issues / notes for HTTP/2 prioritization across browsers, CDNs and servers☆265Updated 4 years ago
- A CSP collector written in Golang☆98Updated last month
- Because good website security shouldn't only be available to mad scientists!☆174Updated last year
- The command line tool for the HTTP Observatory☆90Updated last year
- WikiMo documentation (mainly the security space, but everyone's welcome to use this)☆63Updated 8 months ago
- CSP (Content Security Policy) reports server which forwards reports to Elasticsearch.☆57Updated last year
- A tiny web auditor with strong opinions.☆582Updated 2 months ago
- A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.☆1,695Updated last month
- Certificate Transparency Log Monitor☆956Updated 2 months ago
- Block bad, possibly even malicious web crawlers (automated bots) using htaccess.☆365Updated 9 years ago
- DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)☆792Updated 2 years ago
- Server side TLS Tools☆1,119Updated 6 months ago
- The GDPR Checklist☆760Updated last year