Merlin
AuRA - Auth. Request Analyser

AuRA - Auth. Request Analyser

Semi-automated analysis tool for OAuth 2.0 and OpenID Connect 1.0 Auth Requests.

What is AuRA - Auth. Request Analyser?
AuRA - Auth. Request Analyser is a Chrome extension that offers semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Auth Requests. It provides detailed analysis, recommendations, and the ability to modify request parameters.
Download
Merlin
Stats
Users: 186 ▲ 4
Version: 1.1 (Last updated: 2022-03-30)
Creation date: 2021-11-11
Risk impact: Moderate risk impact
Risk likelihood: Low risk likelihood
Manifest version: 3
Permissions:
  • tabs
  • storage
  • history
Size: 24.80K
Stats date:

Chrome-Stats Rank

# 53947 ▲ 180
Other rankings
#6815 in Developer Tools ▲ 9 #34 in request keyword 26 ▲ 5 #202 in analysis keyword 50 ▲ 29 #226 in developer tools keyword 59 ▲ 27

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension
Merlin
Summary
Analyze keywords

This extensions aims to support the analysis of single sign-on implementations, by offering semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Auth. Requests.

Features: • View request parameters at a glance, either via the popup or the developer tools panel. • Hover over standardised parameters for background information about parameters. • Manually modify request parameters. • Detailed Analysis of request parameters: • Observations: Informational findings within the Auth. Request. • Recommendations: Hardening measures directly identified within the current Auth. Request. • Attacks: Proposed further test cases, can be automatically executed with one click. • Search history for Auth. Request and replay the request. • Indicate with a badge if the currently visited page appears to be an Auth. Request. • Store and reload URL: Can be used as clipboard for one valid request, restore saved URL in case an error causes a redirect. • Manually trigger analysis.

Safety
Risk impact

AuRA - Auth. Request Analyser may not be safe to use and it requires some risky permissions. Exercise caution when installing this extension. Review carefully before installing.

Risk likelihood

AuRA - Auth. Request Analyser has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details
Screenshots
AuRA - Auth. Request Analyser
Similar extensions

Here are some Chrome extensions that are similar to AuRA - Auth. Request Analyser:

SAML-tracer
SAML-tracer
SimpleSAMLphp
4.27
300,000+
SAML DevTools extension
SAML DevTools extension
stefan.rasmusson.as
4.29
40,000+
SAML, WS-Federation and OAuth 2.0 tracer
SAML, WS-Federation and OAuth 2.0 tracer
https://rcfed.com
4.00
10,000+
retire.js
retire.js
jadwigaostrowska803
4.86
20,000+
Aura Tab
Aura Tab
Aura Tab
N/A
35
Azure AD App Launcher
Azure AD App Launcher
astaykov
5.00
329
SAML Message Decoder
SAML Message Decoder
Magnus Suther
4.29
80,000+
SAML Chrome Panel
SAML Chrome Panel
MLai
3.94
100,000+
Untrusted Types for DevTools
Untrusted Types for DevTools
Thomas Orlita
5.00
1,000+
OpenID
OpenID
https://www.donationbasedhosting.org
N/A
348
OAuth Flows
OAuth Flows
scripturesdev
4.11
3,000+
Simple OAuth2 Client
Simple OAuth2 Client
sat
N/A
191