{"id":13603100,"url":"https://github.com/hahwul/authz0","last_synced_at":"2025-04-05T07:06:11.088Z","repository":{"id":40005706,"uuid":"444805843","full_name":"hahwul/authz0","owner":"hahwul","description":"🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles \u0026 Credentials.","archived":false,"fork":false,"pushed_at":"2024-08-23T00:38:56.000Z","size":487,"stargazers_count":391,"open_issues_count":1,"forks_count":54,"subscribers_count":11,"default_branch":"main","last_synced_at":"2024-10-25T01:32:18.698Z","etag":null,"topics":["auth","authorization","authz","bugbounty","golang","golang-application","security","security-scanner","security-tools"],"latest_commit_sha":null,"homepage":"https://authz0.hahwul.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hahwul.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":["https://paypal.me/hahwul","https://www.buymeacoffee.com/hahwul"]}},"created_at":"2022-01-05T13:03:07.000Z","updated_at":"2024-10-21T10:38:12.000Z","dependencies_parsed_at":"2024-02-06T15:27:19.183Z","dependency_job_id":"573019b2-c748-4c5a-8112-81fa2b1cc225","html_url":"https://github.com/hahwul/authz0","commit_stats":{"total_commits":109,"total_committers":3,"mean_commits":"36.333333333333336","dds":0.09174311926605505,"last_synced_commit":"896570b8fb83dd837f1b439477b424f9e995bccc"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fauthz0","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fauthz0/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fauthz0/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fauthz0/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hahwul","download_url":"https://codeload.github.com/hahwul/authz0/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247299832,"owners_count":20916190,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth","authorization","authz","bugbounty","golang","golang-application","security","security-scanner","security-tools"],"created_at":"2024-08-01T18:01:50.572Z","updated_at":"2025-04-05T07:06:11.060Z","avatar_url":"https://github.com/hahwul.png","language":"Go","funding_links":["https://paypal.me/hahwul","https://www.buymeacoffee.com/hahwul"],"categories":["Go","bugbounty"],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n  \u003cbr\u003e\n  \u003ca href=\"\"\u003e\u003cimg src=\"https://user-images.githubusercontent.com/13212227/149369752-8b344201-ebc4-43b2-8d64-b1229a5ee4c2.png\" alt=\"\" width=\"300px;\"\u003e\u003c/a\u003e\n\u003c/h1\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/hahwul/authz0/blob/main/CONTRIBUTING.md\"\u003e\u003cimg src=\"https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://goreportcard.com/report/github.com/hahwul/authz0\"\u003e\u003cimg src=\"https://goreportcard.com/badge/github.com/hahwul/authz0\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/hahwul/authz0/actions/workflows/go.yml\"\u003e\u003cimg src=\"https://github.com/hahwul/authz0/actions/workflows/go.yml/badge.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://twitter.com/intent/follow?screen_name=hahwul\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/hahwul?style=flat\u0026logo=twitter\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\nAuthz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles \u0026 Credentials.\n\nURLs and Roles are managed as YAML-based templates, which can be automatically created and added through authz0. You can also test based on multiple authentication headers and cookies with a template file created/generated once.\n\n![authz0-2](https://user-images.githubusercontent.com/13212227/149650143-a34d8826-f272-4aca-b9a7-323de268cd52.jpg)\n\n## 🛸 Key Features\n* Generate scan template `$ authz0 new`\n    * Include URLs\n    * Include Roles\n    * Include ZAP history (Select URLS \u003e Save Selected Entiries as HAR)\n    * Include Burp history (Select URLs \u003e Save item)\n    * Include HAR file\n* Easy modify scan template (Role, URL) `$ authz0 setUrl` `$ authz0 setRole` `authz0 setCred`\n* Scanning authorization(access-control) with template `$ authz0 scan`\n* Support macOS/Windows/Linux and [Docker](https://hub.docker.com/r/hahwul/authz0/tags), [Github action](https://github.com/marketplace/actions/authz0-scan)\n\n## 🚀 Installation\n*go install*\n```\ngo install github.com/hahwul/authz0@latest\n```\n\n*homebrew*\n```\nbrew tap hahwul/authz0\nbrew install authz0\n```\n\nNeed more information? please refer to [installation guide](https://authz0.hahwul.com/installation.html)\n\n## 🛸 Usage\n**Available Commands:**\n```\n  completion  Generate the autocompletion script for the specified shell\n  help        Help about any command\n  new         Generate new template\n  scan        Scanning\n  setCred     Append Credential to Template\n  setRole     Append Role to Template\n  setUrl      Append URL to Template\n  version     Show version\n```\n\n### 1. Generate template\n```\nauthz0 new \u003cfilename\u003e [flags]\n```\ne.g \n```\nauthz0 new target.yaml --include-urls urls.txt\nauthz0 new target.yaml --include-zap zapurls.har\nauthz0 new target.yaml --include-burp burpurl.xml\n```\n\n### 2. Modify template\n```\nauthz0 setCred \u003cfilename\u003e [flags]\nauthz0 setRole \u003cfilename\u003e [flags]\nauthz0 setUrl \u003cfilename\u003e [flags]\n```\ne.g \n```\nauthz0 setUrl target.yaml setUrl -u https://www.hahwul.com\nauthz0 setRole target.yaml -n User1\nauthz0 setCred target.yaml -n User1 -H \"X-API-Key: 1234\" -H \"TestHeader: 12344\"\n```\n\n### 3. Scanning \n```\nauthz0 scan \u003cfilename\u003e [flags]\n```\ne.g\n```\nauthz0 scan target.yaml\nauthz0 scan target.yaml -r TestUser1 -H \"Cookie: 1234=1234\" -H \"X-API-Key: 1234555\"\n```\n\n## Github Actions\nPlease read https://github.com/hahwul/authz0/tree/main/github-action\n\n## 📖 Documents\nhttps://authz0.hahwul.com\n\n## 🤔 Question\nPlease use [discussions](https://github.com/hahwul/authz0/discussions) actively!\n\n## 📌 Changelog\nDetailed changes for each release are documented in the [release notes](https://github.com/hahwul/authz0/releases).\n\n## ❤️ Contributing\nAuthz0's open-source project and made it with ❤️\nif you want contribute this project, please see [CONTRIBUTING.md](https://github.com/hahwul/authz0/blob/main/CONTRIBUTING.md) and Pull-Request with cool your contents.\n\n[![](/CONTRIBUTORS.svg)](https://github.com/hahwul/authz0/graphs/contributors)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhahwul%2Fauthz0","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhahwul%2Fauthz0","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhahwul%2Fauthz0/lists"}