Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/SolomonSklash/sri-check

A Burp Suite extension for identifying missing Subresource Integrity attributes.
https://github.com/SolomonSklash/sri-check

Last synced: 3 months ago
JSON representation

A Burp Suite extension for identifying missing Subresource Integrity attributes.

Host: GitHub
URL: https://github.com/SolomonSklash/sri-check
Owner: SolomonSklash
License: gpl-3.0
Created: 2018-09-14T02:09:49.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2019-06-12T18:03:21.000Z (over 5 years ago)
Last Synced: 2024-04-07T06:32:26.748Z (7 months ago)
Language: Python
Homepage:
Size: 102 KB
Stars: 13
Watchers: 1
Forks: 6
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # SRI Check

A Burp Suite extension for identifying missing Subresource Integrity attributes.

* Passive scanner checks create informational issues in Burp Suite

* Only flags resources from 3rd party domains that do not include the integrity attribute.

* Written in Python

* Requires Jython 2.7+

* Pull requests welcome!

### Todo

* ~~Add support for relative paths~~

* ~~Improve regex, especially accounting for the case of script and link tags and spaces in tags~~

* ~~Check MIME type of pages to prevent running against images, CSS, etc.~~

* ~~Fix possible concurrency issues~~

* ~~Account for possible false positives on  tags~~

### Screenshots

![Example Issue](screenshots/screenshot01.png)