Get a full analysis of your site security headers, and understand how to easily improve your Client-Side security posture.
Security Headers Scanner allows developers and security experts to easily inspect a site’s HTTP Security Headers like Content Security Policy (CSP) and understand wether it serves as a strong mitigation against client-side attacks like XSS, Clickjacking, Formjacking, CSRF and more.
The extension runs with the same logic as SecurityHeaderScanner.com tool, and is built combining years of cumulative best practice with Security Headers and Content-Security-Policy (CSP) technologies and how to most effectively block client-side attacks.
The tool may suggest a Grade / Score / Tips / Bypasses to site's security headers. These are to be taken as help to developers only, and RapidSec provides no guarantees or warranties for this tool.
If you are looking to automate the deployment of Content-Security-Policy (CSP), along with other important security controls (SameSite, Security headers), you can use RapidSec.com .
Latest reviews
- (2021-08-03) Дмитрий Гусев: Nice all in one tool to reveal you app security leaks. I liked the cookies section, it helped me to see my server misconfiguration.
- (2021-08-02) Saurav Hiremath: Really helpful to get insights, and doesn't affect site load times at all!