Security-Header-Extension
Item media 1 screenshot

Overview

A Chrome Extension built to check the presence of embedded security headers.

Developed by the ACNS Cybersecurity Internship Web team using modern web tools.

4.9 out of 57 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Duc NguyenApr 22, 2024

Good one, need to update Permissions-Policy

Review's profile picture

Ted JamesFeb 15, 2023

Pretty cool! This extension could be useful when testing web applications. I would love to see a way to further customize views to remove deprecated headers. Maybe in a future release...

Review's profile picture

Alberto BarbieriFeb 8, 2022

Fast and Usefull. There are definitly other way to check for all the security headers, but sometimes when you are in a closed network where you can't reach the internet it's easy to use this extension. Usually I use Burp Pro or Browser developer mode

1 person found this review to be helpful

Details

  • Version
    6.2
  • Updated
    June 29, 2022
  • Offered by
    ACNS_cybersecurity_interns
  • Size
    510KiB
  • Languages
    English (United States)
  • Developer
    Email
    ACNS_cybersecurity_interns@colostate.edu
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

Security-Header-Extension has disclosed the following information regarding the collection and usage of your data.

Security-Header-Extension handles the following:

Location
Website content

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Related

Content Security Policy (CSP) Generator

4.2(11)

Automatically generate content security policy headers online for any website.

CSP Evaluator

3.1(25)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

Trufflehog

5.0(7)

Sniffing out credentials

retire.js

4.9(8)

Scanning website for vulnerable js libraries

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

SSL Checker

4.1(15)

See all information about current visited website SSL certificate

HackBar

4.1(49)

A browser extension for Penetration Testing

Burp Suite Navigation Recorder

5.0(3)

Improve your Burp Suite scan coverage by manually capturing how to perform complex actions on your website.

XSS

5.0(6)

Web Development tool

Shodan

4.5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

Vulners Web Scanner

4.6(20)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

DotGit

5.0(8)

An extension for checking if .git is exposed in visited websites

Content Security Policy (CSP) Generator

4.2(11)

Automatically generate content security policy headers online for any website.

CSP Evaluator

3.1(25)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

Trufflehog

5.0(7)

Sniffing out credentials

retire.js

4.9(8)

Scanning website for vulnerable js libraries

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

SSL Checker

4.1(15)

See all information about current visited website SSL certificate

HackBar

4.1(49)

A browser extension for Penetration Testing

Burp Suite Navigation Recorder

5.0(3)

Improve your Burp Suite scan coverage by manually capturing how to perform complex actions on your website.

Google apps