API Security Analyzer
Audit API configurations and headers for common security vulnerabilities.
Request Configuration
Response Headers Analysis
Tip: Copy headers from Chrome DevTools (Network Tab) > Response Headers section and paste them here.
Audit Report
Ready to Analyze
Enter API details above and click "Analyze Security".
Check HTTPS
Verify URL uses secure protocol
Check Auth Headers
Verify request contains credentials
Check HSTS
Response header: Strict-Transport-Security
Check CSP
Response header: Content-Security-Policy
Check X-Frame-Options
Prevent Clickjacking
Detect Server Leaks
Warn on X-Powered-By or Server headers
Enter API details above and click "Analyze Security".
'; analysisPerformed = false; }; window.apiDownloadPDF = function() { if (!analysisPerformed) { alert("Please perform an analysis first."); return; } const { jsPDF } = window.jspdf; const doc = new jsPDF(); const primaryColor = [37, 99, 235]; // Header doc.setFillColor(...primaryColor); doc.rect(0, 0, 210, 20, 'F'); doc.setTextColor(255, 255, 255); doc.setFontSize(16); doc.text("API Security Audit Report", 14, 13); // Metadata doc.setTextColor(50, 50, 50); doc.setFontSize(10); doc.text(`Date: ${new Date().toLocaleString()}`, 14, 30); doc.text(`Target URL: ${urlInput.value || 'Not specified'}`, 14, 36); doc.text(`Assessment: ${statusBadge.textContent}`, 14, 42); // Table const tableRows = findings.map(f => [f.level, f.category, f.message]); if (tableRows.length === 0) { tableRows.push(["Info", "General", "No specific findings generated."]); } doc.autoTable({ head: [['Severity', 'Category', 'Finding']], body: tableRows, startY: 50, theme: 'striped', headStyles: { fillColor: primaryColor, textColor: 255 }, styles: { fontSize: 10, cellPadding: 3 }, columnStyles: { 0: { cellWidth: 25, fontStyle: 'bold' }, 1: { cellWidth: 40 }, 2: { cellWidth: 'auto' } } }); doc.save("API_Security_Report.pdf"); }; });