Application Security
Security headers, CSP, secret scanning, SRI and CVSS scoring.
CSP Analyzer
Paste a Content-Security-Policy header and get it parsed into directives and audited for weaknesses, with severity and fixes. Runs in your browser.
CVSS Calculator
Calculate a CVSS v3.1 base score and severity from the eight base metrics. Build the vector string and see how each choice moves the score, in your browser.
Secret Scanner
Paste code or config to find leaked API keys, tokens and private keys using gitleaks-style signatures. Runs in your browser, nothing is uploaded.
Security Headers Analyzer
Paste raw HTTP response headers and get a graded report of your security headers, with severity ratings and copy-paste fixes. Runs in your browser.
SRI Hash Generator
Generate a Subresource Integrity hash and a ready-to-paste script or link tag from your asset contents. Hashed in your browser, nothing is uploaded.