
HeaderHunter

A security header analysis project covering CSP, HSTS, Referrer Policy, Permissions Policy, and browser hardening signals.

Existing project integration

Header Coverage

  • Content-Security-Policy review for script, style, frame, and connect sources.
  • Strict-Transport-Security review for HTTPS enforcement and preload readiness.
  • Referrer-Policy and Permissions-Policy review for browser-side data minimization.

Report Structure

  • Current value and recommended value for each reviewed header.
  • Risk explanation written for developers and non-specialist stakeholders.
  • Implementation notes for Next.js and common reverse proxies.

Security Controls

  • Avoids probing beyond the supplied domain.
  • Does not perform exploitation or bypass testing.
  • Stores only summarized results in public documentation.
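
The CSP and HSTS items under Header Coverage, reported in the current/recommended shape listed under Report Structure, can be illustrated with the following added example; it is not HeaderHunter's own code. The function names, the recommended values and the sample headers are assumptions made for this example, and it only inspects headers passed to it, making no network requests.

```python
# Added example; recommended values are this example's assumptions, not HeaderHunter's.
PRELOAD_MIN_AGE = 31536000  # one year, the hstspreload.org minimum
STRICT_PREFIXES = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")

def review_csp(value):
    policy = {}
    for part in value.split(";"):
        tokens = part.lower().split()
        if tokens:  # a repeated directive is ignored: the first one wins
            policy.setdefault(tokens[0], tokens[1:])
    issues = []
    for name in ("script-src", "style-src", "frame-src", "connect-src"):
        chain = [name] + ["child-src"] * (name == "frame-src") + ["default-src"]
        sources = next((policy[d] for d in chain if d in policy), None)
        if sources is None:
            issues.append(f"{name}: no directive or fallback, any source allowed")
            continue
        if "*" in sources:
            issues.append(f"{name}: wildcard source")
        if (name == "script-src" and "'unsafe-inline'" in sources
                and not any(s.startswith(STRICT_PREFIXES) for s in sources)):
            issues.append("script-src: 'unsafe-inline' without nonce or hash")
    return issues

def review_hsts(value):
    parts = [p.strip().lower() for p in value.split(";") if p.strip()]
    age = next((p.split("=", 1)[1].strip('"') for p in parts if p.startswith("max-age=")), "")
    if not age.isdigit():
        return ["max-age missing or invalid, so browsers ignore the header"]
    issues = [f"max-age {age} is below the preload minimum"] if int(age) < PRELOAD_MIN_AGE else []
    for flag in ("includesubdomains", "preload"):
        if flag not in parts:
            issues.append(f"{flag} missing, not preload ready")
    return issues

CHECKS = {  # header name -> (review function, recommended value)
    "content-security-policy": (review_csp, "default-src 'self'; frame-src 'none'"),
    "strict-transport-security": (review_hsts, "max-age=63072000; includeSubDomains; preload"),
}

def build_report(headers):
    seen = {k.lower(): v for k, v in headers.items()}
    return [{"header": n, "current": seen.get(n), "recommended": rec,
             "issues": check(seen[n]) if n in seen else ["header not set"]}
            for n, (check, rec) in CHECKS.items()]

# Constructed sample response headers, not taken from any real site.
SAMPLE = {"Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'; connect-src *",
          "Strict-Transport-Security": "max-age=86400; includeSubDomains"}
```

`build_report(SAMPLE)` returns one row per header with its current value, the recommended value and the list of issues found.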