Item logo image for AuRA - Auth. Request Analyser

AuRA - Auth. Request Analyser

security.lauritz-holtmann.de
ExtensionDeveloper Tools190 users
Item media 1 screenshot

Overview

Semi-automated analysis tool for OAuth 2.0 and OpenID Connect 1.0 Auth Requests.

This extensions aims to support the analysis of single sign-on implementations, by offering semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Auth. Requests. Features: • View request parameters at a glance, either via the popup or the developer tools panel. • Hover over standardised parameters for background information about parameters. • Manually modify request parameters. • Detailed Analysis of request parameters: • Observations: Informational findings within the Auth. Request. • Recommendations: Hardening measures directly identified within the current Auth. Request. • Attacks: Proposed further test cases, can be automatically executed with one click. • Search history for Auth. Request and replay the request. • Indicate with a badge if the currently visited page appears to be an Auth. Request. • Store and reload URL: Can be used as clipboard for one valid request, restore saved URL in case an error causes a redirect. • Manually trigger analysis.

0 out of 5No ratings

Google doesn't verify reviews. Learn more about results and reviews.

Details

  • Version
    1.1
  • Updated
    March 30, 2022
  • Size
    24.22KiB
  • Languages
    English
  • Developer
    Website
    Email
    support@lauritz-holtmann.de
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, please open this page on your desktop browser

Google apps