AppSec Inspector

Professional security inspection tool. Scan headers, detect secrets, audit auth - all locally, no data collection.

AppSec Inspector - Professional Web Application Security Toolkit AppSec Inspector is a powerful, privacy-focused Chrome extension designed for Application Security, DevSecOps, SOC, and QA teams. Perform comprehensive security audits directly in your browser - all analysis runs locally with zero data transmission. ✨ KEY FEATURES 🛡️ Security Header Inspector • Analyze HTTP security headers (CSP, HSTS, X-Frame-Options, etc.) • OWASP Top 10 2021 mapping • Severity-based findings (PASS/WARN/FAIL) • Detailed remediation recommendations 🔑 Token & Secret Leak Detector • Scan DOM, JavaScript, and network requests • Detect 30+ types of secrets (JWT, AWS keys, API keys, etc.) • Smart secret masking • Location tracking (DOM/JS/Network/Storage) 🔐 Auth & Session Checker • Cookie security analysis (Secure, HttpOnly, SameSite) • JWT token decoding and validation • Session management audit • Token expiration checking 📊 NEW: Security Score & Grade • 0-100 comprehensive security rating • Executive-friendly A-F letter grade • Weighted breakdown by category • Real-time score updates ✅ NEW: Auto-Fix Code Snippets • Copy-paste ready configuration fixes • Multi-platform support (Nginx, Apache, Express, Spring Boot) • One-click copy to clipboard • Supports 7 major security headers 🔐 PRIVACY FIRST ✓ 100% Local Analysis ✓ Zero Data Collection ✓ No Remote Servers ✓ Read-Only Inspection ✓ User-Initiated Scans Only 📤 EXPORT & SHARE • Export findings in JSON, TXT, or PDF format • Share results via social media • Professional reports for stakeholders ⚠️ DISCLAIMER This tool is designed for authorized security testing only.