AuRA - Auth. Request Analyser
Semi-automated analysis tool for OAuth 2.0 and OpenID Connect 1.0 Auth Requests.
What is AuRA - Auth. Request Analyser?
Stats
Chrome-Stats Rank
Other platforms
Summary
This extensions aims to support the analysis of single sign-on implementations, by offering semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Auth. Requests.
Features: • View request parameters at a glance, either via the popup or the developer tools panel. • Hover over standardised parameters for background information about parameters. • Manually modify request parameters. • Detailed Analysis of request parameters: • Observations: Informational findings within the Auth. Request. • Recommendations: Hardening measures directly identified within the current Auth. Request. • Attacks: Proposed further test cases, can be automatically executed with one click. • Search history for Auth. Request and replay the request. • Indicate with a badge if the currently visited page appears to be an Auth. Request. • Store and reload URL: Can be used as clipboard for one valid request, restore saved URL in case an error causes a redirect. • Manually trigger analysis.
Safety
Risk impact
AuRA - Auth. Request Analyser may not be safe to use and it requires some risky permissions. Exercise caution when installing this extension. Review carefully before installing.
Risk likelihood
AuRA - Auth. Request Analyser has earned a fairly good reputation and likely can be trusted.
Screenshots
Similar extensions
Here are some Chrome extensions that are similar to AuRA - Auth. Request Analyser: