Autorize – The most popular tool to discover AuthZ/AuthN flaws

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Security Authorization Zap authorization-enforcement Proxy

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • ZAP

    The ZAP core project

    • The use of capital punctuation implies a warning? an alert? Would this same response be warranted for Burp which is also a commercial, closed source product?

    If this is an issue for some, then ZAP being open source[1] maybe favourable.

    That said, Burp is the defacto tool for a reason - it's best in class. Every pentester I know, including myself, has a paid subscription. The fact that it's closed source hasn't been an issue.

    [1] https://github.com/zaproxy/zaproxy

  • Autorize

    Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • caido

    🚀 Caido releases, wiki and roadmap

    • Caido[1] a interception proxy written in Rust, is positioning itself as a "lightweight" alternative to Burp. It can't compete yet with Burp in terms of functionality, although it's certainly looking promising.

    Perhaps one of few contenders to Burp in respect to features is ZAP[2].

    [1] https://caido.io/

    [2] https://www.zaproxy.org/

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Show HN: Pākiki Proxy – An intercepting proxy for penetration pesting

    4 projects | news.ycombinator.com | 27 Oct 2023

  • Writing a TLS capable http proxy in Rust using actix-web

    3 projects | /r/rust | 13 May 2022

  • Santa: A binary authorization and monitoring system for macOS

    1 project | news.ycombinator.com | 5 May 2024

  • How to Implement Authorization in React JS

    3 projects | dev.to | 1 May 2024

  • Tunnelmole, an ngrok alternative (open source)

    9 projects | news.ycombinator.com | 21 Mar 2024