GangGreenTemperTatum/csp-auditor

CSP Auditor

A Content Security Policy (CSP) vulnerability scanner plugin for Caido. It automatically detects and analyzes CSP headers for common security misconfigurations and vulnerabilities, and pairs each finding with readily available bypass gadgets that apply to it.

Brought to you by @GangGreenTemperTatum, proud ambassador of the Caido community!

Hack the planet 🤘


csp-auditor main panel

Overview

CSP Auditor is a Caido plugin that helps you monitor and analyze Content Security Policies (CSP) in web applications. It is designed to mirror the functionality of the equivalent Burp Suite extension, with additional improvements and an integration with cspbypass.com that provides a built-in database of real-world CSP bypass techniques, directly in Caido!

Features

  • Real-time CSP Analysis: Automatically analyzes CSP headers from intercepted HTTP responses
  • 34+ Vulnerability Checks: Comprehensive detection of CSP misconfigurations including:
    • Script wildcard sources and unsafe directives
    • JSONP bypass risks and AngularJS template injection
    • AI/ML and Web3 service integration risks
    • Missing Trusted Types and essential directives
    • Deprecated headers and vulnerable library hosts
  • 209+ Bypass Payloads: Integrated database of real-world CSP bypass techniques from CSPBypass research

    A thank you to Rennie Pak and contributors of the project for the original CSP gadgets 🙏

  • Searchable Bypass Database: Filter and copy bypass payloads directly from the plugin interface
  • Vulnerability Modals: Detailed vulnerability information with relevant bypass examples and payload copying
  • Configurable Detection: Enable/disable specific vulnerability checks via settings panel
  • Caido Findings Integration: Automatically create findings for detected vulnerabilities
  • Scope Awareness: Respect Caido's project scope settings for targeted analysis
  • Export Functionality: Export findings as JSON or CSV for reporting
  • Dashboard Statistics: Overview of analyzed policies, vulnerabilities by severity, and detection trends

Quick Start

Prerequisites

  • Caido (latest version)
  • Node.js and pnpm (for development)

Installation

Install from source (without auto-updates):

  1. Clone the repository:

    git clone https://github.com/GangGreenTemperTatum/csp-auditor.git
    cd csp-auditor
  2. Install dependencies:

    pnpm install
  3. Build the plugin:

    pnpm build
  4. Install in Caido:

    • Open Caido
    • Go to Settings > Plugins
    • Click "Install from file"
    • Select the built plugin file from the dist/ directory

Usage

CSP Auditor automatically monitors your HTTP traffic and analyzes CSP headers in real-time. Once installed, it works seamlessly in the background.

Dashboard & Analysis

  • View CSP Statistics: Navigate to the CSP Auditor panel to see vulnerability counts by severity (high/medium/low/info)
  • Analyze Individual Responses: Click on any analyzed response to view detailed CSP policy breakdown and specific vulnerabilities
  • Export Reports: Export findings as JSON or CSV for documentation and reporting

csp-auditor analysis clickable

csp-auditor analysis modal

Vulnerability Detection

  • Real-time Alerts: Automatic detection of 34+ CSP misconfigurations as you browse
  • Caido Findings: Enable auto-creation of findings for detected vulnerabilities (toggle in settings)
  • Severity Classification: Vulnerabilities categorized by impact level with detailed descriptions
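To make the detection side concrete, here is an added example (not code from the csp-auditor project) of what a handful of the checks listed above look like when run over a response's headers: a small CSP parser, checks for script wildcard sources, unsafe directives and missing essential directives, and a look for deprecated header names. The check names, severity assignments and the sample headers are assumptions made for this example; the plugin's own checks and severities may differ.

```typescript
// Added example, not code from the csp-auditor project: a small CSP parser
// plus checks modelled on the categories the README lists (script wildcard
// sources, unsafe directives, missing essential directives, deprecated
// headers). Check names, severities and the sample headers are assumptions.

export type Severity = "high" | "medium" | "low" | "info";

export interface Finding {
  check: string;
  severity: Severity;
  directive: string;
  detail: string;
}

export type Policy = Map<string, string[]>;

// Legacy header names that modern browsers ignore but a scanner should still flag.
export const DEPRECATED_CSP_HEADERS = ["x-content-security-policy", "x-webkit-csp"];

// Parse "directive src src; directive src" into a map. Directive names are
// case-insensitive; a repeated directive is dropped because browsers honour
// only the first occurrence.
export function parseCsp(header: string): Policy {
  const policy: Policy = new Map();
  for (const part of header.split(";")) {
    const tokens = part.trim().split(/\s+/).filter((t) => t.length > 0);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    if (!policy.has(name)) policy.set(name, tokens.slice(1));
  }
  return policy;
}

export function analyzePolicy(header: string): Finding[] {
  const policy = parseCsp(header);
  const findings: Finding[] = [];
  // Script execution is governed by script-src, falling back to default-src.
  const directive = ["script-src", "default-src"].find((d) => policy.has(d));

  if (directive === undefined) {
    findings.push({ check: "no-script-restriction", severity: "high", directive: "script-src",
      detail: "Neither script-src nor default-src is set, so scripts may load from any origin" });
  } else {
    const sources = (policy.get(directive) ?? []).map((s) => s.toLowerCase());
    // CSP Level 3 ignores 'unsafe-inline' once a nonce or hash is present, so it
    // is reported only when it actually takes effect.
    const hasNonceOrHash = sources.some((s) => /^'(nonce|sha(256|384|512))-/.test(s));
    if (sources.includes("'unsafe-inline'") && !hasNonceOrHash) {
      findings.push({ check: "unsafe-inline", severity: "high", directive,
        detail: "'unsafe-inline' allows any inline script and defeats XSS mitigation" });
    }
    if (sources.includes("'unsafe-eval'")) {
      findings.push({ check: "unsafe-eval", severity: "medium", directive,
        detail: "'unsafe-eval' permits eval()/Function(), a common bypass gadget" });
    }
    for (const src of sources) {
      if (src === "*" || /^(https?|data|blob|filesystem):$/.test(src)) {
        findings.push({ check: "script-wildcard-source", severity: "high", directive,
          detail: `Source ${src} allows scripts from any host on that scheme` });
      } else if (src.startsWith("*.")) {
        findings.push({ check: "script-wildcard-host", severity: "medium", directive,
          detail: `Wildcard host ${src} trusts every subdomain, including JSONP or upload hosts` });
      }
    }
  }

  // Essential directives that should be set explicitly.
  if (!policy.has("object-src") && !policy.has("default-src")) {
    findings.push({ check: "missing-object-src", severity: "medium", directive: "object-src",
      detail: "object-src is unrestricted; set object-src 'none' unless plugins are needed" });
  }
  if (!policy.has("base-uri")) {
    findings.push({ check: "missing-base-uri", severity: "medium", directive: "base-uri",
      detail: "Without base-uri an injected <base> tag can redirect relative script URLs" });
  }
  if (!policy.has("require-trusted-types-for")) {
    findings.push({ check: "missing-trusted-types", severity: "info",
      directive: "require-trusted-types-for", detail: "Trusted Types are not enforced for DOM sinks" });
  }
  return findings;
}

// Inspect a response's headers (names matched case-insensitively): flag deprecated
// CSP header names and analyze the real policy when one is present.
export function analyzeResponseHeaders(headers: Record<string, string>): Finding[] {
  const lower = new Map<string, string>();
  for (const [k, v] of Object.entries(headers)) lower.set(k.toLowerCase(), v);
  const findings: Finding[] = [];
  for (const name of DEPRECATED_CSP_HEADERS) {
    if (lower.has(name)) {
      findings.push({ check: "deprecated-header", severity: "low", directive: name,
        detail: `${name} is ignored by modern browsers; use Content-Security-Policy` });
    }
  }
  const csp = lower.get("content-security-policy");
  if (csp === undefined) {
    findings.push({ check: "missing-csp", severity: "medium", directive: "content-security-policy",
      detail: "No Content-Security-Policy header on this response" });
    return findings;
  }
  return findings.concat(analyzePolicy(csp));
}

// Constructed sample response: a weak policy alongside a legacy header.
export const SAMPLE_HEADERS: Record<string, string> = {
  "Content-Type": "text/html",
  "X-Content-Security-Policy": "default-src 'self'",
  "Content-Security-Policy":
    "default-src 'self'; script-src 'self' 'unsafe-inline' *.googleapis.com https:; img-src *",
};

console.log(JSON.stringify(analyzeResponseHeaders(SAMPLE_HEADERS), null, 2));
```

Two details worth carrying into any real checker: 'unsafe-inline' is only a finding when no nonce or hash source is present, because a CSP Level 3 browser ignores it otherwise, and a scheme-only source such as `https:` in `script-src` is as permissive as `*` for practical purposes, so it is rated the same.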

csp-auditor vulnerability finding

Bypass Database

  • 209+ Real-world Bypasses: Searchable database of CSP bypass techniques from security research
  • Copy Payloads: One-click copying of bypass code for testing
  • Contextual Examples: Relevant bypasses shown in vulnerability modals for immediate testing

csp-auditor bypass gadget db

Configuration

  • Scope Awareness: Respects Caido's project scope settings for targeted analysis
  • Customizable Checks: Enable/disable specific vulnerability types via settings panel
  • Cache Management: Clear analysis cache when needed

csp-audit settings

Contributing

Adding New Bypass Gadgets

CSP Auditor uses a comprehensive database of bypass techniques sourced from security research. To add new bypass gadgets:

  1. Edit the TSV file: Add new entries to data/csp-bypass-data.tsv in the following format:

    domain.example.com	<script src="https://domain.example.com/payload.js"></script>
    
    • Column 1: Domain or service name
    • Column 2: The actual bypass payload/code
    • Use TAB character as separator (not spaces)
  2. Technique Detection: The plugin automatically categorizes bypasses by technique:

    • JSONP (contains callback= or cb=)
    • AngularJS (contains ng- or angular)
    • Alpine.js (contains x-init or alpine)
    • HTMX (contains hx-)
    • Hyperscript (contains _=")
    • Script Injection (contains <script)
    • Event Handler (contains <img and onerror)
    • Link Preload (contains <link and onload)
    • Iframe Injection (contains <iframe)
    • Generic XSS (fallback category)
  3. Testing: After adding entries, rebuild the plugin with pnpm build and test that new bypasses appear in the searchable database panel.
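As an added example (not the plugin's own loader), here is a parser for the two-column TSV format above together with a technique classifier built from the keyword rules just listed, so a contributor can check how a new entry will be categorized before rebuilding. The rule precedence (first matching rule wins, in the order listed above), case-insensitive matching, the treatment of lines without a TAB as errors, and the sample entries are all assumptions made for this example.

```typescript
// Added example, not code from the csp-auditor project: parse the two-column
// TSV gadget format and classify each payload by technique using the README's
// keyword rules. Rule precedence (first match wins, in the listed order),
// case-insensitive matching and the sample entries are assumptions.

export type Technique =
  | "JSONP" | "AngularJS" | "Alpine.js" | "HTMX" | "Hyperscript"
  | "Script Injection" | "Event Handler" | "Link Preload" | "Iframe Injection" | "Generic XSS";

export interface Gadget {
  domain: string;
  payload: string;
  technique: Technique;
}

// Keyword rules in the order the README lists them; the first match wins,
// so a JSONP endpoint loaded via <script> is filed under JSONP, not Script Injection.
const RULES: Array<[Technique, (p: string) => boolean]> = [
  ["JSONP", (p) => p.includes("callback=") || p.includes("cb=")],
  ["AngularJS", (p) => p.includes("ng-") || p.includes("angular")],
  ["Alpine.js", (p) => p.includes("x-init") || p.includes("alpine")],
  ["HTMX", (p) => p.includes("hx-")],
  ["Hyperscript", (p) => p.includes('_="')],
  ["Script Injection", (p) => p.includes("<script")],
  ["Event Handler", (p) => p.includes("<img") && p.includes("onerror")],
  ["Link Preload", (p) => p.includes("<link") && p.includes("onload")],
  ["Iframe Injection", (p) => p.includes("<iframe")],
];

export function detectTechnique(payload: string): Technique {
  const p = payload.toLowerCase(); // assumption: matching is case-insensitive
  for (const [technique, matches] of RULES) {
    if (matches(p)) return technique;
  }
  return "Generic XSS"; // fallback category
}

// Parse the TSV: one gadget per line, a single TAB between domain and payload.
// A line whose columns are separated by spaces instead of a TAB is reported as
// an error rather than silently merged, since that is the mistake to catch.
export function parseGadgetTsv(text: string): { gadgets: Gadget[]; errors: string[] } {
  const gadgets: Gadget[] = [];
  const errors: string[] = [];
  text.split(/\r?\n/).forEach((line, i) => {
    if (line.trim() === "" || line.startsWith("#")) return;
    const tab = line.indexOf("\t");
    if (tab < 0) {
      errors.push(`line ${i + 1}: no TAB separator`);
      return;
    }
    const domain = line.slice(0, tab).trim();
    const payload = line.slice(tab + 1).trim();
    if (domain === "" || payload === "") {
      errors.push(`line ${i + 1}: empty column`);
      return;
    }
    gadgets.push({ domain, payload, technique: detectTechnique(payload) });
  });
  return { gadgets, errors };
}

// Case-insensitive search over domain, payload and technique, mirroring the
// plugin's searchable database panel.
export function searchGadgets(gadgets: Gadget[], query: string): Gadget[] {
  const q = query.toLowerCase();
  return gadgets.filter(
    (g) => g.domain.toLowerCase().includes(q) || g.payload.toLowerCase().includes(q) ||
      g.technique.toLowerCase().includes(q),
  );
}

// Constructed sample in the README's format. TABs are written as \t so the
// separator survives copy-paste; the last line deliberately uses a space.
export const SAMPLE_TSV = [
  'cdn.example.com\t<script src="https://cdn.example.com/jsonp?callback=alert(1)"></script>',
  "ajax.example.com\t<div ng-app>{{constructor.constructor('alert(1)')()}}</div>",
  "static.example.com\t<img src=x onerror=alert(1)>",
  "misc.example.com\t<svg/onload=alert(1)>",
  'bad.example.com <script src="https://bad.example.com/x.js"></script>',
].join("\n");

const parsed = parseGadgetTsv(SAMPLE_TSV);
for (const g of parsed.gadgets) console.log(`${g.technique.padEnd(17)} ${g.domain}`);
for (const e of parsed.errors) console.error("skipped:", e);
```

Running it on the sample classifies the four well-formed entries as JSONP, AngularJS, Event Handler and Generic XSS, and rejects the space-separated fifth line, which is the exact failure the "use TAB, not spaces" note above is warning about.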

General Development

  1. Fork the repository
  2. Create your feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add some amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.



Made with ❤️ for the Caido community by @GangGreenTemperTatum
