OAUTHScan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security.

OAUTHScan is a Burp Suite Extension written in Java that provides automatic security checks useful during penetration tests of applications implementing the OAUTHv2 and OpenID standards.

The plugin looks for various OAUTHv2/OpenID vulnerabilities and common misconfigurations. Below is a non-exhaustive list of the checks performed by OAUTHScan:
- Open Redirect issues on the `redirect_uri` parameter
- Authorization Code Replay issues
- Leakage of secrets (e.g. tokens, codes)
- PKCE misconfigurations
- Nonce parameter misconfigurations
- State parameter misconfigurations
- Input Validation issues on the `scope` parameter
- Detection of inherently insecure flows
- SSRF issues via the `request_uri` parameter
- Detection of Well-Known and WebFinger resources
- And others
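As an added example (not OAUTHScan's own code), the following Python function audits a single authorization request URL for several of the conditions listed above; the registered redirect URI, the sample requests and the minimum `state` length are constructed assumptions.

```python
# Added example, not part of OAUTHScan: a defender-side audit of one OAuth 2.0 /
# OpenID Connect authorization request, reporting the misconfigurations an
# extension like the one described above would flag.
from urllib.parse import urlsplit, parse_qs

# Constructed: redirect URIs the client registered with the authorization server.
REGISTERED_REDIRECT_URIS = {"https://client.example/cb"}
MIN_STATE_LENGTH = 8  # assumed minimum for an unguessable state value


def audit_authorization_request(url: str) -> list[str]:
    """Return a list of findings for one authorization request URL."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    findings = []
    response_type = set(params.get("response_type", "").split())
    scopes = set(params.get("scope", "").split())
    is_oidc = "openid" in scopes

    # redirect_uri: only an exact match against the registered list is safe;
    # anything looser can become an open redirect that leaks the code or token.
    if params.get("redirect_uri") not in REGISTERED_REDIRECT_URIS:
        findings.append("redirect_uri not an exact match to a registered URI")
    # state: without it the client cannot bind the response to its own request.
    if len(params.get("state", "")) < MIN_STATE_LENGTH:
        findings.append("state missing or too short")
    # PKCE: the code flow should carry an S256 challenge; 'plain' adds little.
    if "code" in response_type:
        if "code_challenge" not in params:
            findings.append("PKCE code_challenge missing")
        elif params.get("code_challenge_method", "plain") != "S256":
            findings.append("PKCE method is not S256")
    # nonce: ties the ID token to this request; required for OIDC implicit/hybrid.
    if is_oidc and "nonce" not in params:
        findings.append("nonce missing on OpenID Connect request")
    # Implicit flow returns tokens in the URL fragment, which is inherently leaky.
    if "token" in response_type:
        findings.append("implicit flow (response_type includes token)")
    # request_uri is fetched server-side by the AS, so unregistered values are an SSRF risk.
    if "request_uri" in params:
        findings.append("request_uri present: verify it is pre-registered")
    return findings
```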