seespee

LSE toolsLSE toolsseespee (140)seespee (140)

Tool and Usage

Project details
LicenseBSD 3-clause
Programming languageJavaScript
AuthorAndreas Lind
Latest release2.1.1 []

Project health

76
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Seespee helps to crawl a website and define a suitable Content Security Policy (CSP). The related Content-Security-Policy header can be added with the discovered value. This header defines what local and external resources can be loaded on a website.

Usage and audience

seespee is commonly used for application security. Target users for this tool are developers and security professionals.

Features

  • Command line interface

Example usage and output

seespee [--root <inputRootDirectory>] [--validate] [--level <number>]
[--ignoreexisting] [--include ...] <url|pathToHtml>

Options:
--help Show help [boolean]
--version Show version number [boolean]
--root Path to your web root so seespe can resolve root-relative
urls correctly (will be deduced from your input files if
not specified) [string]
--ignore-existing Whether to ignore the existing Content-Security-Policy
(<meta> or HTTP header) and start building one from scratch
[boolean] [default: false]
--include CSP directives to include in the policy to be generated,
eg. "script-src *.mycdn.com; img-src 'self'" [string]
--validate Turn on validation mode, useful for CI. If non-whitelisted
assets are detected, a report will be output, and seespee
will return a non-zero status code. [boolean]
--level The CSP level to target. Possible values: 1 or 2. Defaults
to somewhere in between so that all browsers are supported.
[number]
--pretty Whether to reformat the generated CSP in a human friendly
way [boolean] [default: true]
--user-agent Use a specific User-Agent string when retrieving http(s)
resources. Useful with servers that are configured to only
send a Content-Security-Policy header to browsers known to
understand it [string]

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

Author and Maintainers

Seespee is under development by Andreas Lind.

Installation

Supported operating systems

Seespee is known to work on Linux.

seespee alternatives

Similar tools to seespee:

74

Arachni

Web Application Security Scanner aimed towards helping users evaluate the security of web applications

97

django-security

Django-security is a toolkit for the Django framework with the focus on security. It provides models, views, and middleware to strengthen the defenses.

64

SQLMate

SQLMate is a security tool that calls itself a friend of SQLMap. It has similar functionality, yet comes with additional features like finding an admin panel and improved hash cracking. The tool can find possible vulnerable targets, with the option to save the results and feed it to others, like SQLMap.

All seespee alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a web application security tool.

Related terms