CSPgen is a Content Security Policy generator written in Python. It uses TOML configuration files as input and generates ready-to-use CSP headers. Additionally, CSPgen can parse a target URL and attempt to semi-automatically generate CSP headers (WIP).
CSPgen has two functionalities:

    python cspgen.py -u <URL> -o <toml>

When passing a URL as input, CSPgen will attempt to make a request, parse the HTML and look for dynamic resources such as JS, CSS, image files, Flash objects etc. (currently only JS has been implemented). It will then create a configuration file in TOML at the path given with the -o option. The configuration file can be used to generate Content Security Policy headers (see below).

    python cspgen.py <file>

CSPgen reads a TOML configuration file and attempts to create ready-to-use Content Security Policy headers.

CSPgen is currently under heavy development and is not reliable for production use. Use with caution and always manually review output.
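
The URL mode described above comes down to collecting the script sources a page loads and turning them into a script-src directive. The following is an added example using only the Python standard library, not CSPgen's own code; the class and function names and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class ScriptCollector(HTMLParser):
    """Collect external script URLs and count inline <script> blocks."""
    def __init__(self):
        super().__init__()
        self.external, self.inline = [], 0

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self.inline += 1  # blocked by CSP unless given a nonce or hash


def origin_of(url):
    parts = urlsplit(url)
    return parts.scheme, f"{parts.scheme}://{parts.netloc}"


def script_src_policy(page_url, html):
    """Return (directive, inline_count) for the scripts found in html."""
    collector = ScriptCollector()
    collector.feed(html)
    page_origin = origin_of(page_url)[1]
    sources = ["'self'"]
    for src in collector.external:
        # Resolve relative and protocol-relative URLs against the page URL.
        scheme, origin = origin_of(urljoin(page_url, src))
        if scheme in ("http", "https") and origin not in (page_origin, *sources):
            sources.append(origin)
    return "script-src " + " ".join(sources), collector.inline


# Constructed sample page, not taken from a real site.
SAMPLE_HTML = """<html><head>
<script src="/static/app.js"></script>
<script src="//cdn.example.net/lib.min.js"></script>
<script src="https://cdn.example.net/other.js"></script>
<script>window.cfg = {debug: false};</script>
</head><body></body></html>"""

if __name__ == "__main__":
    print(script_src_policy("https://www.example.com/index.html", SAMPLE_HTML))
```

Inline scripts are only counted, not allowed: under the resulting policy they are blocked until they are moved to a file or given a nonce or hash, which is one reason generated output needs manual review.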