lauritzh / auth-request-analyserLinks
This Chromium extensions aims at supporting the analysis of single sign-on implementations, by offering semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Authorization/Authentication Requests.
☆30Updated 2 years ago
Alternatives and similar repositories for auth-request-analyser
Users that are interested in auth-request-analyser are comparing it to the libraries listed below
Sorting:
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆35Updated 10 months ago
- A collection of utilities for building extensions using Burp's Montoya API☆52Updated 2 months ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆73Updated 3 years ago
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated last year
- Make better use of the embedded browser that comes by default with Burp☆44Updated 2 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Updated 11 months ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Updated last year
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- ☆91Updated last month
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated last month
- My talks...☆25Updated 10 months ago
- A Burp Suite extension for Lightning/Aura framework security testing with advanced action management, context editing, and comprehensive …☆52Updated last month
- A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.☆62Updated 2 years ago
- ☆42Updated last month
- Additional active scan checks for BURP☆28Updated last year
- ☆64Updated 2 years ago
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…☆37Updated last year
- Unicode characters that will translate a single character to multiple characters in domain names or TLD's☆49Updated last year
- A set of open-source community scripts☆65Updated last year
- Let's check if your target is vulnerable for client side prototype pollution.☆65Updated last year
- spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.☆84Updated 7 months ago
- ☆16Updated last month
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆164Updated 2 months ago
- ☆106Updated 3 years ago
- Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.☆35Updated 3 months ago
- Dependency Confusion Security Testing Tool☆51Updated 3 years ago
- ☆28Updated 2 years ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆94Updated 2 years ago
- An extension to use Semgrep inside Burp Suite.☆89Updated 7 months ago
- An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition☆28Updated 7 years ago