whs-authz-authn/caido-plugin-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
61 commits 12 branches 0 tags 16 MiB
Commit graph

61 commits

This branch
This branch
All branches
Author SHA1 Message Date
tv0924@icloud.com
efb89c668c [Update] nonce 파라미터 감지 범위 늘림 및 nonce 파라미터 재사용에대한 검증 로직 추가 2025-06-04 16:02:42 +09:00
gyuu04
c722adbe9d
 		Merge pull request #18 from whs-authz-authn-project/gyu 
Update redirect_uriBypass.ts
 2025-06-03 14:45:30 +09:00
gyuu04
979dda299a Update redirect_uriBypass.ts 2025-06-03 14:44:09 +09:00
gyuu04
14164ceb83
 		Merge pull request #17 from whs-authz-authn-project/gyu 
[Add] RedirectBypassController 및 실행 로직 추가
 2025-06-03 12:50:47 +09:00
gyuu04
78042ef305 [Add] RedirectBypassController 및 실행 로직 추가 
- redirect_uri 우회 탐지용 RedirectBypassController 클래스 추가
- index.ts에 testAsync 연결 로직 삽입
 2025-06-03 12:44:48 +09:00
gyuu04
e45124de21
 		Merge pull request #16 from whs-authz-authn-project/gyu 
Create redirect_uriBypass.ts
 2025-06-03 12:30:11 +09:00
gyuu04
986c6e59b6 Create redirect_uriBypass.ts 
redirect_uri 우회 탐지 로직 추가
 2025-06-03 12:26:03 +09:00
암냥 (imnyang)
e83988f5fb
 		Merge pull request #15 from whs-authz-authn-project/feature/pkce 
PKCE 리팩토링 && pkceCheckController는 onInterceptRequest에서 작동되어야합니다.
 2025-06-02 22:29:08 +09:00
imnyang
e34649288c Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/pkce 2025-06-02 22:17:14 +09:00
김민곤
eca9a8a5b5
 		Merge pull request #14 from whs-authz-authn-project/feature/csrf 
수진, 민곤 확인 완료
 2025-06-02 22:13:04 +09:00
imnyang
d820695cec Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/pkce 2025-06-02 22:05:37 +09:00
imnyang
c72f103221 FEAT: 리팩토링 2025-06-02 22:03:52 +09:00
tv0924@icloud.com
1c57ad1a39 [Update] oauth 탐지 로직 정교화 2025-06-02 10:56:42 +09:00
tv0924@icloud.com
b8b7edb5ac [Update] oauth 탐지 로직 정교화 2025-06-02 10:50:11 +09:00
James
9ccd1eb7ac
 		Merge pull request #13 from whs-authz-authn-project/feature/access-token-detector 
[FIX]: Access token 탐지 키워드 리스트 수정
 2025-06-02 09:55:51 +09:00
KMINGON
b1c10b0739 Merge branch 'main' into feature/access-token-detector 2025-06-02 00:22:04 +09:00
김민곤
db242c4465
 		Merge pull request #12 from whs-authz-authn-project/feature/csrf 
데일리스크럼 코드리뷰에서 2차 확인까지 마쳐서 merge 진행
 2025-06-02 00:21:20 +09:00
KMINGON
96452cf9fa Merge branch 'feature/access-token-detector' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/access-token-detector 2025-06-01 21:00:04 +09:00
KMINGON
77a65002f7 [FIX]: 탐지 키워드 정상화 2025-06-01 20:59:48 +09:00
tv0924@icloud.com
2010b85c4d [Fix] 특정 경우에서 csrf 방지 토큰이 없다고 판별한 것을 수정 2025-06-01 20:14:10 +09:00
sultanofdisco
3a8fb9a401
 		Merge pull request #10 from whs-authz-authn-project/sujin 
nonceCheck 수정
 2025-05-31 15:56:04 +09:00
sultanofdisco
77a05bb707 nonceCheck 수정3 2025-05-31 15:42:37 +09:00
sultanofdisco
e7f9d5684b Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into sujin 2025-05-31 15:27:30 +09:00
imnyang
316a078bd0 Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/pkce 2025-05-31 15:03:40 +09:00
imnyang
907fcd8120 Remove pkce 2025-05-31 15:02:27 +09:00
sultanofdisco
252400a911 nonceCheck 수정2 2025-05-31 14:39:20 +09:00
김민곤
b801fdda0b
 		Merge pull request #9 from whs-authz-authn-project/feature/access-token-detector 
Feature/access token detector
 2025-05-31 12:57:02 +09:00
김민곤
a2b7d44ec0
 		Merge branch 'main' into feature/access-token-detector 2025-05-31 12:48:11 +09:00
KMINGON
f1b5ef5f9b REFACTOR : findings를index가 아닌 모듈애서 만들도록 수정 2025-05-31 12:37:54 +09:00
암냥 (imnyang)
d9353220e6
 		Update README.md 2025-05-31 12:03:49 +09:00
암냥 (imnyang)
a3fcf28786
 		Merge pull request #7 from whs-authz-authn-project/feature/scope 
[Add] Scope Detection
 2025-05-31 12:02:31 +09:00
암냥 (imnyang)
307d373b9c
 		Merge branch 'main' into feature/scope 2025-05-31 12:01:58 +09:00
KMINGON
7b704cacf4 STYLE : 로그 수정 2025-05-31 11:56:47 +09:00
KMINGON
858dfd16dc FEAT : AccessToken 및 각종 토큰 존재 여부 확인하는 controller 작성, 테스트 필요 2025-05-31 11:56:47 +09:00
imnyang
b1f3534e1c 포팅은 했는데 테스트는 안해보긴 했어요 테스트좀 해주세요 2025-05-31 11:55:15 +09:00
sultanofdisco
cc81947bd8 nonceCheck 수정 2025-05-31 11:55:06 +09:00
암냥 (imnyang)
6efa9f4d20
 		Merge pull request #5 from whs-authz-authn-project/main 
Commit Behind
 2025-05-31 11:51:47 +09:00
김민곤
315e38a726
 		Merge pull request #3 from whs-authz-authn-project/feature/csrf 
Feature/csrf
 2025-05-31 11:49:40 +09:00
seungyeoncherry
dfeab629d7 [Add] Scope Detection 2025-05-31 11:49:11 +09:00
tv0924@icloud.com
5fed2eb7d0 [Update] index 2025-05-31 11:47:52 +09:00
암냥 (imnyang)
dcb91d141f
 		Merge branch 'main' into feature/csrf 2025-05-31 11:41:54 +09:00
James
19b6cb788c
 		Merge pull request #2 from whs-authz-authn-project/imnyang 
feature: PKCE Downgrade
 2025-05-31 11:38:48 +09:00
imnyang
b64c8cc4e4
 		[Add] PKCE 완 2025-05-28 23:28:31 +09:00
tv0924@icloud.com
ef1d8f40b3 [Update] feature 2025-05-28 16:49:48 +09:00
tv0924@icloud.com
f775282e91 [Add] csrf 2025-05-28 15:01:53 +09:00
tv0924@icloud.com
5042a108d8 [Add] csrf 2025-05-28 14:56:14 +09:00
tv0924@icloud.com
366f90e5a8 [Add] csrf 테스트 추가 2025-05-28 14:30:55 +09:00
tv0924@icloud.com
e868cbec67 csrf(state) 관련 취약점 탐지 기능 추가 2025-05-28 14:17:24 +09:00
imnyang
0a24c5594d
 		[Add] PKCE 체크 및 관련 기능 구현, Playground 디렉토리 정리 2025-05-26 00:56:03 +09:00
imnyang
ba20dd9007
 		제가 코드 통일성이 없었네요... 2025-05-25 22:28:56 +09:00