Skip to content
/ oauth-scan Public
forked from akabe1/OAUTHScan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security

License

GPL-3.0 license
182 stars 28 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

PortSwigger/oauth-scan

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
gradle/wrapper
gradle/wrapper
 
 
src/burp
src/burp
 
 
.gitignore
.gitignore
 
 
BappDescription.html
BappDescription.html
 
 
BappManifest.bmf
BappManifest.bmf
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

OAUTHScan

Description

OAUTHScan is a Burp Suite Extension written in Java with the aim to provide some automatic security checks, which could be useful during penetration testing on applications implementing OAUTHv2 and OpenID standards.

The plugin looks for various OAUTHv2/OpenID vulnerabilities and common misconfigurations (based on official specifications of both frameworks), many of the checks have been developed according with the following references:

Below a non-exhaustive list of checks performed by OAUTHScan:

  • Open Redirect issues on Redirect_Uri parameter
  • Authorization Code Replay issues
  • Leakage of secrets (i.e. Tokens, Codes)
  • PKCE misconfigurations
  • Nonce parameter misconfigurations
  • State parameter misconfiguration
  • Input Validation issues on Scope parameter
  • Detection of inherently insecure Flows
  • SSRF issues via Request_Uri parameter
  • Detection of Well-Known and WebFinger resources
  • And others...

Installation

First download (or clone) the OAUTHScan repository from this repo. Then build it using gradle command: gradlew build fatJar. Finally use the Burp GUI Extender tab to import the generated 'OAUTHscan-all-X.Y.jar' file (located on "build/libs/" project folder).

Usage

OAUTHScan is fully integrated with the Burp Scanner, after installed on Burp you have only to launch Passive or Active scans on your targeted request.

Author

  • OAUTHScan plugin was developed by Maurizio Siddu

GNU License

Copyright (c) 2022 OAUTHScan

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/

About

Burp Suite Extension useful to verify OAUTHv2 and OpenID security

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

182 stars

Watchers

4 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages

  • Java 99.8%
  • HTML 0.2%