google/csp-evaluator

CSP Evaluator is a tool for developers and security experts to analyze Content Security Policy (CSP) implementations, helping identify potential bypasses and weaknesses that could allow cross-site scripting attacks. Based on Google's research, it assists in hardening CSP policies by checking against common bypass patterns and providing security recommendations. The tool is particularly useful for web developers and security professionals responsible for implementing and reviewing CSP policies to ensure robust protection against XSS vulnerabilities.