ExtDB
API & MCP

SecLens

Full HTTP security header audit — CSP, HSTS, CORS, SRI, and 15+ checks with live DevTools panel

As of June 2026, SecLens has users in the Developer Tools category.

Swastiktube007Developer Tools
Chrome Web Store ↗.crx
Usersno change0%
Ratingno change0%
— reviews
Reviewsno change0%
Version
1.0.0
Manifest V3

History

1 snapshots

Tracking since May 24, 2026.

Not enough history yet for this metric — the chart fills in as we collect more snapshots.
View as table
DateUsersRatingReviewsVersion
May 24, 20261.0.0
Now1.0.0

Permissions & access

Permissions
webRequeststoragetabs
Host access
<all_urls>

Screenshots

SecLens screenshot 1SecLens screenshot 2SecLens screenshot 3SecLens screenshot 4

About

SecLens audits the HTTP security headers of any website you visit — instantly, in your browser.

Open the popup for a quick summary, or the DevTools panel (F12 → SecLens) for a full real-time breakdown as the page loads.

Checks include:
- Content Security Policy (CSP) — parsed and evaluated using Google's csp-evaluator library
- HSTS — max-age, includeSubDomains, preload
- CORS misconfiguration detection
- Subresource Integrity (SRI) — grouped by registered domain
- X-Content-Type-Options, X-Frame-Options
- Referrer-Policy, Permissions-Policy
- COOP, COEP, CORP
- Cache-Control on API responses
- Tech stack info disclosure (Server header)
- Report-Only CSP detection
- Multiple conflicting CSP headers

Built for developers and security engineers who want instant visibility into a site's header posture without opening Burp or running a separate scanner.

No data leaves your browser. No accounts. No tracking.

Technical

Version
1.0.0
Manifest
V3
Size
103KiB
Min Chrome
88
Languages
1
Featured
No

Metadata

ID
fakmijdhhmibfhimojfjnminjimlfcef
Developer ID
ufbff9f0b7d2f969eedca8376383a5f9d
Developer Email
[email protected]
Created
May 23, 2026
Last Updated (Store)
May 23, 2026
Last Scraped
Jun 14, 2026
Website
Support URL

Data sourced from the Chrome Web Store · last verified Jun 14, 2026.