CSP Guardian
Website security header and iframe policy analyzer — inspects CSP, X-Frame-Options, cookies, CORS, and HSTS to flag clickjacking, XSS, and framing risks.
Fetches a URL's response headers, parses CSP directives, evaluates iframe posture, and produces a risk-scored report with remediation hints. Useful for auditing security headers on production sites, kiosks, signage, and embedded webviews. (Python — see also RustCSPGuardian for the faster CLI variant.)
Catalog entry only — a full write-up lands closer to release.
Related across catalogs
- RustCSPGuardian · Rust project · Release ready
  Rust CLI for checking whether a website can be embedded inside iframe-based environments — dashboards, kiosks, signage players. Returns Allowed / Blocked / Unknown.
- Web Attack Detection · Security project · Demo ready
  Web log detection lab — flags SQL injection, XSS, suspicious user agents, scanner activity, and risk-scored request summaries from nginx access logs.
- AttackReplay Studio · Security project · Demo ready
  Visual incident replay dashboard — turns safe sample logs into an attack timeline, attack path view, GeoIP map, and incident summary.
- AutoPatch AI · Security project · Demo ready
  Dependency vulnerability scanner and upgrade planner — scans package.json, requirements.txt, and Dockerfile base images, flags risky pins, produces PR-preview output.
- Beaconing Traffic Detector · Security project · Demo ready
  Detects periodic outbound callback (C2 beacon) behavior from timestamped network logs by scoring inter-arrival timing consistency per source/destination pair.
