• There are a range of tools that can help analyze and build headers.
• Some of these significantly streamline the process of working with headers.
• There are also facilities that provide ongoing report analysis.

FIRST TOOL :

URL : https://securityheaders.com/

The above is the result of the scan of a particular web page and it shows CSP is missing which is vulnerable for XSS attacks.

SECOND TOOL :

URL : https://report-uri.com/home/tools

This tool show the scripting that has been set on various keywords of the CSP of a particular website as shown below.

THIRD TOOL :

This tool is the same report uri link but what it does is we can use it to build our own content security script and policies from scratch. This tool extracts the CSP policies from other sites which we provide here to get from and shows us their exact script. So that we can get an idea on how to build it as shown below.

URL : https://report-uri.com/home/generate

• We can also import a policy.