Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
URLs and Roles are managed as YAML-based templates, which can be automatically created and added through authz0. You can also test based on multiple authentication headers and cookies with a template file created/generated once.
$ authz0 new
$ authz0
setUrl
$ authz0 setRole
authz0 setCred
$ authz0 scan
Installation
go install
go install github.com/hahwul/authz0@latest
homebrew
brew tap hahwul/authz0
brew install authz0
Available Commands:
completion Generate the autocompletion script for the specified shell
help Help about any command
new Generate new template
scan Scanning
setCred Append Credential to Template
setRole Append Role to Template
setUrl Append URL to Template
version Show version
Generate template
authz0 new [flags]
e.g
authz0 new target.yaml –include-urls urls.txt
authz0 new target.yaml –include-zap zapurls.har
authz0 new target.yaml –include-burp burpurl.xml
Modify template
authz0 setCred [flags]
authz0 setRole [flags]
authz0 setUrl [flags]
e.g
authz0 setUrl target.yaml setUrl -u https://www.hahwul.com
authz0 setRole target.yaml -n User1
authz0 setCred target.yaml -n User1 -H “X-API-Key: 1234” -H “TestHeader: 12344”
Scanning
authz0 scan [flags]
e.g
authz0 scan target.yaml
authz0 scan target.yaml -r TestUser1 -H “Cookie: 1234=1234” -H “X-API-Key: 1234555”
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…