Get a full analysis of your site security headers, and understand how to easily improve it

Security Header Scanner

Security Header Scanner helps developers and security experts to easily inspect and evaluate a site’s request headers, and understand wether it serves as a strong mitigation against client-side attacks like XSS, CSRF, Clickjacking, Formjacking, Data Exfiltration and more.

The tool is built combining years of cumulative best practice with the Content-Security-Policy, analyzing request headers and other technologies and how to most effectively block client-side attacks.

The tool may suggest a Grade / Score / Tips / Bypasses after analyzing the request headers.

If you are looking to automate the deployment of Content-Security-Policy (CSP) and other request headers, the recommendations suggested by this tool, you can use