AppSec Inspector
Extension Actions
Professional security inspection tool. Scan headers, detect secrets, audit auth - all locally, no data collection.
AppSec Inspector - Professional Web Application Security Toolkit
AppSec Inspector is a powerful, privacy-focused Chrome extension designed for Application Security, DevSecOps, SOC, and QA teams. Perform comprehensive security audits directly in your browser - all analysis runs locally with zero data transmission.
✨ KEY FEATURES
🛡️ Security Header Inspector
• Analyze HTTP security headers (CSP, HSTS, X-Frame-Options, etc.)
• OWASP Top 10 2021 mapping
• Severity-based findings (PASS/WARN/FAIL)
• Detailed remediation recommendations
🔑 Token & Secret Leak Detector
• Scan DOM, JavaScript, and network requests
• Detect 30+ types of secrets (JWT, AWS keys, API keys, etc.)
• Smart secret masking
• Location tracking (DOM/JS/Network/Storage)
🔐 Auth & Session Checker
• Cookie security analysis (Secure, HttpOnly, SameSite)
• JWT token decoding and validation
• Session management audit
• Token expiration checking
📊 NEW: Security Score & Grade
• 0-100 comprehensive security rating
• Executive-friendly A-F letter grade
• Weighted breakdown by category
• Real-time score updates
✅ NEW: Auto-Fix Code Snippets
• Copy-paste ready configuration fixes
• Multi-platform support (Nginx, Apache, Express, Spring Boot)
• One-click copy to clipboard
• Supports 7 major security headers
🔐 PRIVACY FIRST
✓ 100% Local Analysis
✓ Zero Data Collection
✓ No Remote Servers
✓ Read-Only Inspection
✓ User-Initiated Scans Only
📤 EXPORT & SHARE
• Export findings in JSON, TXT, or PDF format
• Share results via social media
• Professional reports for stakeholders
⚠️ DISCLAIMER
This tool is designed for authorized security testing only.