Kali Linux

Authz0 : An Automated Authorization Test Tool

Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

URLs and Roles are managed as YAML-based templates, which can be automatically created and added through authz0. You can also test based on multiple authentication headers and cookies with a template file created/generated once.

Key Features

  • Generate scan template $ authz0 new
    • Include URLs
    • Include Roles
    • Include ZAP history (Select URLS > Save Selected Entiries as HAR)
    • Include Burp history (Select URLs > Save item)
    • Include HAR file
  • Easy modify scan template (Role, URL) $ authz0 setUrl $ authz0 setRole authz0 setCred
  • Scanning authorization(access-control) with template $ authz0 scan

Installation

go install

go install github.com/hahwul/authz0@latest

homebrew

brew tap hahwul/authz0
brew install authz0

Usage

Available Commands:

completion Generate the autocompletion script for the specified shell
help Help about any command
new Generate new template
scan Scanning
setCred Append Credential to Template
setRole Append Role to Template
setUrl Append URL to Template
version Show version

Generate template

authz0 new [flags]

e.g

authz0 new target.yaml –include-urls urls.txt
authz0 new target.yaml –include-zap zapurls.har
authz0 new target.yaml –include-burp burpurl.xml

Modify template

authz0 setCred [flags]
authz0 setRole [flags]
authz0 setUrl [flags]

e.g

authz0 setUrl target.yaml setUrl -u https://www.hahwul.com
authz0 setRole target.yaml -n User1
authz0 setCred target.yaml -n User1 -H “X-API-Key: 1234” -H “TestHeader: 12344”

Scanning

authz0 scan [flags]

e.g

authz0 scan target.yaml
authz0 scan target.yaml -r TestUser1 -H “Cookie: 1234=1234” -H “X-API-Key: 1234555”

R K

Recent Posts

Install Mono on Ubuntu 18.04: C# Compiler and Runtime Guide

Running programs built for Microsoft's framework on a Linux system is easier than you think. Mono is…

4 hours ago

Install OpenCV on Ubuntu 18.04: Step-by-Step Setup Guide

Computer vision technology powers many modern applications, from image editors to facial scanners. OpenCV (Open Source Computer…

4 hours ago

Install VNC on Ubuntu 18.04: Step-by-Step TigerVNC Setup

A remote desktop interface makes it easy to manage a remote computer. VNC (Virtual Network Computing) is…

4 hours ago

Install Gitea on Ubuntu 18.04: Self-Hosted Git Service Guide

Hosting your own code repositories is a great way to keep your projects private. Gitea is a…

4 hours ago

Install Java on Ubuntu 18.04: OpenJDK 11 and OpenJDK 8

Many modern programs require Java to run. From development tools like Eclipse to search systems…

4 hours ago

Configure a Static IP Address on Ubuntu 18.04: Netplan Guide

Setting a static IP address on your server is a smart move. It ensures your…

1 day ago