Web Security Audit download

The goal of this project is to build an add-on for browser that passively audits the security posture of the websites that the user is visiting. Assume that the tool is to be used on non-malicious websites, currently not under attack or compromised. Add-on wants to report security misconfigurations, or failure to use best security practices.

- Add-on tries to analysis the commonly vulnerable setting of servers: lack of use of security-relevant headers, including:
- strict-transport-security
- x-xss-protection
- content-security-policy
- x-frame-options
- x-content-type-options

It is available for Opera Beta and Developer browser - https://bit.ly/2TvvFw4

Features

It doesn't to interfere with the functioning of the visited website.
It doesn't tamper with request parameters, or issue requests that were not initiated by the user (it is not active scanning).
Incrementally generate a report in a separate window.
Each report entry have a numeric score to indicate approximately its severity, as a way to prioritise further investigation by a human analyst [Common Vulnerability Scoring System] (see on Wikipedia).

Project Samples

Project Activity

See All Activity >

License

Mozilla Public License 2.0 (MPL 2.0)

Follow Web Security Audit

Web Security Audit Web Site

Other Useful Business Software

Auth0 for AI Agents now in GA

Ready to implement AI with confidence (without sacrificing security)?

Connect your AI agents to apps and data more securely, give users control over the actions AI agents can perform and the data they can access, and enable human confirmation for critical agent actions.

Start building today

Rate This Project

User Reviews

Be the first to post a review of Web Security Audit!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Languages

English

Intended Audience

Advanced End Users, Auditors, Developers, Security Professionals

User Interface

Web-based

Programming Language

JavaScript

Related Categories

JavaScript Browser Extensions and Plugins

Registered

2020-02-14

Similar Business Software

Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software
Shift

Shift is the first fully customizable browser that empowers you to make the most of your life online. Shift allows you to drag and drop apps, bars, and controls, to create a central hub that adapts to however you work. Sign into 1,500+ web apps, swap instantly between Spaces for work, side...

See Software
Wave Browser

Wave Browser is an efficient, eco-conscious browser that creates a cleaner, more organized, and more meaningful online experience while helping remove ocean plastic through its partnership with 4ocean. Built on the trusted Chromium foundation, Wave Browser brings essential tools directly into...

See Software
Google Chrome Enterprise

Chrome Enterprise is a suite of business offerings that includes Chrome browser, Chrome's cloud management tool Chrome Enterprise Core, and the advanced security capabilities in Chrome Enterprise Premium. Chrome offers a dedicated enterprise download bundle, giving admins access to additional...

See Software
CryptoTab

Try CryptoTab, the world's first browser with mining features and it works on desktop (Windows & Mac) or smartphone (Android & iPhone/iPad). Earn bitcoin without looking up from watching videos, chatting, or gaming online. Join the community of more than 20 million users all over the world...

See Software
HERE Enterprise Browser

Built through collaboration with global banks, HERE Enterprise Browser provides enterprise security, workforce productivity and seamless integration of enterprise AI. HERE’s Chromium-based, zero-trust security model includes integration with Microsoft Entra and other IDPs, app access controls,...

See Software