Autorize: Burp Suite extension for automatic authorization enforcement detection
Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find authorization problems.
Autorize installation
To use Autorize, you’ll need Burp Suite and Jython. Here’s how to set it up:
- Download Burp Suite
- Download Jython
- Open Burp > Extender > Options > Python Environment > Select File > Choose the Jython standalone JAR
- Install Autorize from the BApp Store or download the source code:
  git clone git@github.com:Quitten/Autorize.git
- Open Burp > Extender > Extensions > Add > Choose the Autorize.py file.
- Once it’s installed, you’ll see a new Autorize tab in Burp.
With its latest release, the tool has expanded its capabilities to include automated authentication testing, making it even more versatile.
Autorize is available for free on GitHub.