cspparse is a tool to evaluate Content Security Policies. It uses Google's API to retrieve the CSP Headers and returns them in ReconJSON format. Not only does it check for headers with Google's API, it also parses the target site's HTML to look for any CSP rules that are specified in the <meta>
tag
Installation
Install Command and Download Source With Go Get
cspparse
command will be installed to $GOPATH/bin
and the source code (from https://github.com/lc/cspparse
) will be found in $GOPATH/src/github.com/lc/cspparse
with:
~ ❯ go get -u github.com/lc/cspparse
Install from Source
~ ❯ git clone https://github.com/lc/cspparse
~ ❯ cd cspparse
~ ❯ go build
Usage
~ ❯ cspparse <domain / url>
Example
~ ❯ cspparse https://www.facebook.com
Docker
~ > docker build -t cspparse .
Run
~ > docker run --rm -t cspparse <domain / url>