Web Security Audit download

The goal of this project is to build an add-on for browser that passively audits the security posture of the websites that the user is visiting. Assume that the tool is to be used on non-malicious websites, currently not under attack or compromised. Add-on wants to report security misconfigurations, or failure to use best security practices.

- Add-on tries to analysis the commonly vulnerable setting of servers: lack of use of security-relevant headers, including:
- strict-transport-security
- x-xss-protection
- content-security-policy
- x-frame-options
- x-content-type-options

It is available for Opera Beta and Developer browser - https://bit.ly/2TvvFw4

Features

It doesn't to interfere with the functioning of the visited website.
It doesn't tamper with request parameters, or issue requests that were not initiated by the user (it is not active scanning).
Incrementally generate a report in a separate window.
Each report entry have a numeric score to indicate approximately its severity, as a way to prioritise further investigation by a human analyst [Common Vulnerability Scoring System] (see on Wikipedia).

Project Samples

Project Activity

See All Activity >

License

Mozilla Public License 2.0 (MPL 2.0)

Follow Web Security Audit

Web Security Audit Web Site

Other Useful Business Software

Try Google Cloud Risk-Free With $300 in Credit

No hidden charges. No surprise bills. Cancel anytime.

Use your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.

Start Free

Rate This Project

User Reviews

Be the first to post a review of Web Security Audit!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Languages

English

Intended Audience

Advanced End Users, Auditors, Developers, Security Professionals

User Interface

Web-based

Programming Language

JavaScript

Related Categories

JavaScript Browser Extensions and Plugins

Registered

2020-02-14

Similar Business Software

Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software
Shift

Shift is the first fully customizable browser that empowers you to make the most of your life online. Shift allows you to drag and drop apps, bars, and controls, to create a central hub that adapts to however you work. Sign into 1,500+ web apps, swap instantly between Spaces for work, side...

See Software
Wave Browser

Wave Browser is an efficient, eco-conscious browser that creates a cleaner, more organized, and more meaningful online experience while helping remove ocean plastic through its partnership with 4ocean. Built on the trusted Chromium foundation, Wave Browser brings essential tools directly into...

See Software
Google Chrome Enterprise

Chrome Enterprise is a suite of business offerings that includes Chrome browser, Chrome's cloud management tool Chrome Enterprise Core, and the advanced security capabilities in Chrome Enterprise Premium. Chrome offers a dedicated enterprise download bundle, giving admins access to additional...

See Software
HERE Enterprise Browser

Built through collaboration with global banks, HERE Enterprise Browser provides enterprise security, workforce productivity and seamless integration of enterprise AI. HERE’s Chromium-based, zero-trust security model includes integration with Microsoft Entra and other IDPs, app access controls,...

See Software
Avast Secure Browser

Avast Secure Browser automatically blocks online ads to drastically improve website load time. Hide all ads, or just the most intrusive, so you can browse uninterrupted. Our private browser has advanced security built in, so you can browse, shop, and bank safely on any website. Hide everything...

See Software