AuRA - Auth. Request Analyser

Semi-automated analysis tool for OAuth 2.0 and OpenID Connect 1.0 Auth Requests.
What is AuRA - Auth. Request Analyser?
AuRA - Auth. Request Analyser is a Chrome extension that offers semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Auth Requests. It provides detailed analysis, recommendations, and the ability to modify request parameters.
Download

Extension stats

Users: 187
Version: 1.1 (Last updated: 2022-03-30)
Creation date: 2021-11-11
Risk impact: Moderate risk impact
Risk likelihood: Low risk likelihood
Manifest version: 3
Permissions:
  • tabs
  • storage
  • history
Size: 24.80K

Ranking

# 58418 ▼ 239
Other rankings
#8201 in Developer Tools ▼ 29 #99 in request keyword 20 ▼ 6 #244 in developer tools keyword 59 ▼ 3

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

This extensions aims to support the analysis of single sign-on implementations, by offering semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Auth. Requests.

Features: • View request parameters at a glance, either via the popup or the developer tools panel. • Hover over standardised parameters for background information about parameters. • Manually modify request parameters. • Detailed Analysis of request parameters: • Observations: Informational findings within the Auth. Request. • Recommendations: Hardening measures directly identified within the current Auth. Request. • Attacks: Proposed further test cases, can be automatically executed with one click. • Search history for Auth. Request and replay the request. • Indicate with a badge if the currently visited page appears to be an Auth. Request. • Store and reload URL: Can be used as clipboard for one valid request, restore saved URL in case an error causes a redirect. • Manually trigger analysis.

Extension safety

Risk impact

AuRA - Auth. Request Analyser requires a few sensitive permissions. Exercise caution before installing.

Risk likelihood

AuRA - Auth. Request Analyser has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to AuRA - Auth. Request Analyser:

SAML-tracer
SAML-tracer
SimpleSAMLphp
4.38
300,000+
SAML DevTools extension
SAML DevTools extension
stefan.rasmusson.as
4.17
40,000+
SAML, WS-Federation and OAuth 2.0 tracer
SAML, WS-Federation and OAuth 2.0 tracer
https://rcfed.com
4.00
10,000+
Aura Tab
Aura Tab
Aura Tab
N/A
19
Azure AD App Launcher
Azure AD App Launcher
astaykov
5.00
319
SAML Message Decoder
SAML Message Decoder
Magnus Suther
4.31
80,000+
SAML Chrome Panel
SAML Chrome Panel
MLai
3.83
100,000+
Untrusted Types for DevTools
Untrusted Types for DevTools
Thomas Orlita
5.00
1,000+
OWASP Penetration Testing Kit
OWASP Penetration Testing Kit
https://pentestkit.co.uk
4.81
20,000+
OpenID
OpenID
https://www.donationbasedhosting.org
N/A
312
OAuth Flows
OAuth Flows
scripturesdev
4.11
3,000+
Simple OAuth2 Client
Simple OAuth2 Client
sat
N/A
289