Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
This plugin provides:
This project is packaged as a ZAP and Burp plugin.
Last updated : August 3th 2017
Passive rules and custom tab:
Configuration builder:
Type the following command:
./gradlew build
or if you have already Gradle installed on your machine:
gradle build
For more context around Content-Security-Policy and how to apply it to your website see our blog posts on the topic: