whs-authz-authn/caido-plugin-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Commit graph

  • 4dd57745d8
         Merge 1a9d227fe6 into 1e9a0f1aa0 sultanofdisco 2025-06-07 04:50:31 +00:00
  • 1a9d227fe6 Update index.ts sujin sultanofdisco 2025-06-07 13:46:48 +09:00
  • dfa5392038 Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into sujin sultanofdisco 2025-06-07 13:40:44 +09:00
  • 2e400517a8 Update index.ts sultanofdisco 2025-06-07 09:25:34 +09:00
  • 1736debae1 Update nonceCheck.ts sultanofdisco 2025-06-07 09:24:26 +09:00
  • 1e79dcabaa
         Temp feature/control-tower imnyang 2025-06-05 21:49:59 +09:00
  • 143b308e77
         Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/control-tower imnyang 2025-06-05 21:47:35 +09:00
  • 0eca258096
         temp commit imnyang 2025-06-05 21:47:25 +09:00
  • 1e9a0f1aa0
         Merge pull request #21 from whs-authz-authn-project/feature/access-token-detector main 김민곤 2025-06-04 22:40:19 +09:00
  • 595d0e93a3 Merge branch 'main' into feature/access-token-detector feature/access-token-detector KMINGON 2025-06-04 22:37:39 +09:00
  • 195be25c22 [DOCS] : findings 추가될 때 reporter 값 설정 KMINGON 2025-06-04 22:36:37 +09:00
  • 5a88570fe2
         Merge pull request #19 from whs-authz-authn-project/feature/csrf 김민곤 2025-06-04 22:19:15 +09:00
  • d2c95cff2e
         Merge pull request #20 from whs-authz-authn-project/feature/access-token-detector James 2025-06-04 22:03:47 +09:00
  • ac53cd4be5 [FIX]: index의 response에 위치하던 request검사 함수 이동 KMINGON 2025-06-04 17:04:39 +09:00
  • ba98eef694 Merge branch 'main' into feature/access-token-detector KMINGON 2025-06-04 17:02:13 +09:00
  • 1bc442b1d3 [FIX]: tokenType까지 검사하여 OAuth Flow인지 확인 KMINGON 2025-06-04 17:01:32 +09:00
  • efb89c668c [Update] nonce 파라미터 감지 범위 늘림 및 nonce 파라미터 재사용에대한 검증 로직 추가 feature/csrf tv0924@icloud.com 2025-06-04 16:02:42 +09:00
  • 0d1f0ce577 수정 1 scopeDetection seungyeoncherry 2025-06-03 22:16:31 +09:00
  • 454a82eaab Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into scopeDetection seungyeoncherry 2025-06-03 22:14:46 +09:00
  • c722adbe9d
         Merge pull request #18 from whs-authz-authn-project/gyu feature/pkce gyuu04 2025-06-03 14:45:30 +09:00
  • 979dda299a Update redirect_uriBypass.ts gyu gyuu04 2025-06-03 14:44:09 +09:00
  • 14164ceb83
         Merge pull request #17 from whs-authz-authn-project/gyu gyuu04 2025-06-03 12:50:47 +09:00
  • 78042ef305 [Add] RedirectBypassController 및 실행 로직 추가 gyuu04 2025-06-03 12:44:48 +09:00
  • e45124de21
         Merge pull request #16 from whs-authz-authn-project/gyu gyuu04 2025-06-03 12:30:11 +09:00
  • 986c6e59b6 Create redirect_uriBypass.ts gyuu04 2025-06-03 12:26:03 +09:00
  • e83988f5fb
         Merge pull request #15 from whs-authz-authn-project/feature/pkce 암냥 (imnyang) 2025-06-02 22:29:08 +09:00
  • e34649288c Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/pkce imnyang 2025-06-02 22:17:14 +09:00
  • eca9a8a5b5
         Merge pull request #14 from whs-authz-authn-project/feature/csrf 김민곤 2025-06-02 22:13:04 +09:00
  • d820695cec Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/pkce imnyang 2025-06-02 22:05:37 +09:00
  • c72f103221 FEAT: 리팩토링 imnyang 2025-06-02 22:03:52 +09:00
  • 5c6d9cb600 basic수정 tk kyu 2025-06-02 22:00:14 +09:00
  • d3a0e8ae84 오류잡기 kyu 2025-06-02 21:36:55 +09:00
  • e7de3ee4a7 nonceCheck 수정 sultanofdisco 2025-06-02 21:09:35 +09:00
  • e671700d7b
         Revert "nonceCheck 수정" revert-10-sujin James 2025-06-02 20:10:31 +09:00
  • 1c57ad1a39 [Update] oauth 탐지 로직 정교화 tv0924@icloud.com 2025-06-02 10:56:42 +09:00
  • b8b7edb5ac [Update] oauth 탐지 로직 정교화 tv0924@icloud.com 2025-06-02 10:50:11 +09:00
  • 9ccd1eb7ac
         Merge pull request #13 from whs-authz-authn-project/feature/access-token-detector James 2025-06-02 09:55:51 +09:00
  • 741fbe7e13 scope detection 수정 1 seungyeoncherry 2025-06-02 02:02:12 +09:00
  • 658acc3740 scope detection 수정 1 seungyeoncherry 2025-06-02 01:57:59 +09:00
  • b1c10b0739 Merge branch 'main' into feature/access-token-detector KMINGON 2025-06-02 00:22:04 +09:00
  • db242c4465
         Merge pull request #12 from whs-authz-authn-project/feature/csrf 김민곤 2025-06-02 00:21:20 +09:00
  • 96452cf9fa Merge branch 'feature/access-token-detector' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/access-token-detector KMINGON 2025-06-01 21:00:04 +09:00
  • 77a65002f7 [FIX]: 탐지 키워드 정상화 KMINGON 2025-06-01 20:59:48 +09:00
  • ff6b4f02f8 충돌해ㅐ결 kyu 2025-06-01 20:32:52 +09:00
  • 2010b85c4d [Fix] 특정 경우에서 csrf 방지 토큰이 없다고 판별한 것을 수정 tv0924@icloud.com 2025-06-01 20:14:10 +09:00
  • b32d4e02af clientsecretCheck kyu 2025-06-01 20:12:12 +09:00
  • 3a8fb9a401
         Merge pull request #10 from whs-authz-authn-project/sujin sultanofdisco 2025-05-31 15:56:04 +09:00
  • 77a05bb707 nonceCheck 수정3 sultanofdisco 2025-05-31 15:42:37 +09:00
  • e7f9d5684b Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into sujin sultanofdisco 2025-05-31 15:27:30 +09:00
  • f94488e5ed Merge branch 'taewoo' of https://github.com/whs-authz-authn-project/caido-plugin-test into taewoo taewoo caterpii 2025-05-31 15:25:06 +09:00
  • 9c4b53a6bc [add] redirectUriCheckController caterpii 2025-05-31 15:22:25 +09:00
  • 316a078bd0 Merge branch 'main' of https://github.com/whs-authz-authn-project/caido-plugin-test into feature/pkce imnyang 2025-05-31 15:03:40 +09:00
  • 907fcd8120 Remove pkce imnyang 2025-05-31 15:02:27 +09:00
  • 252400a911 nonceCheck 수정2 sultanofdisco 2025-05-31 14:39:20 +09:00
  • b801fdda0b
         Merge pull request #9 from whs-authz-authn-project/feature/access-token-detector 김민곤 2025-05-31 12:57:02 +09:00
  • a2b7d44ec0
         Merge branch 'main' into feature/access-token-detector 김민곤 2025-05-31 12:48:11 +09:00
  • f1b5ef5f9b REFACTOR : findings를index가 아닌 모듈애서 만들도록 수정 KMINGON 2025-05-31 12:37:54 +09:00
  • d9353220e6
         Update README.md 암냥 (imnyang) 2025-05-31 12:03:49 +09:00
  • a3fcf28786
         Merge pull request #7 from whs-authz-authn-project/feature/scope 암냥 (imnyang) 2025-05-31 12:02:31 +09:00
  • 307d373b9c
         Merge branch 'main' into feature/scope feature/scope 암냥 (imnyang) 2025-05-31 12:01:58 +09:00
  • dcd0343569 Dist conflicts resolve imnyang 2025-05-31 11:57:52 +09:00
  • 7b704cacf4 STYLE : 로그 수정 KMINGON 2025-05-31 11:55:44 +09:00
  • 858dfd16dc FEAT : AccessToken 및 각종 토큰 존재 여부 확인하는 controller 작성, 테스트 필요 KMINGON 2025-05-25 21:43:21 +09:00
  • b1f3534e1c 포팅은 했는데 테스트는 안해보긴 했어요 테스트좀 해주세요 imnyang 2025-05-31 11:55:15 +09:00
  • cc81947bd8 nonceCheck 수정 sultanofdisco 2025-05-31 11:55:06 +09:00
  • 6efa9f4d20
         Merge pull request #5 from whs-authz-authn-project/main 암냥 (imnyang) 2025-05-31 11:51:47 +09:00
  • 8e33934951 redirect uri misconfig caterpii 2025-05-31 11:49:57 +09:00
  • 315e38a726
         Merge pull request #3 from whs-authz-authn-project/feature/csrf 김민곤 2025-05-31 11:49:40 +09:00
  • dfeab629d7 [Add] Scope Detection seungyeoncherry 2025-05-31 11:49:11 +09:00
  • 5fed2eb7d0 [Update] index tv0924@icloud.com 2025-05-31 11:47:52 +09:00
  • dcb91d141f
         Merge branch 'main' into feature/csrf 암냥 (imnyang) 2025-05-31 11:41:54 +09:00
  • d35af82aae redirect_uri misconfig caterpii 2025-05-31 11:41:36 +09:00
  • 19b6cb788c
         Merge pull request #2 from whs-authz-authn-project/imnyang James 2025-05-31 11:38:48 +09:00
  • b64c8cc4e4
         [Add] PKCE 완 imnyang 2025-05-28 23:28:31 +09:00
  • ef1d8f40b3 [Update] feature tv0924@icloud.com 2025-05-28 16:49:48 +09:00
  • f775282e91 [Add] csrf tv0924@icloud.com 2025-05-28 15:01:53 +09:00
  • 5042a108d8 [Add] csrf tv0924@icloud.com 2025-05-28 14:56:14 +09:00
  • 366f90e5a8 [Add] csrf 테스트 추가 tv0924@icloud.com 2025-05-28 14:30:55 +09:00
  • e868cbec67 csrf(state) 관련 취약점 탐지 기능 추가 tv0924@icloud.com 2025-05-28 14:11:53 +09:00
  • 0a24c5594d
         [Add] PKCE 체크 및 관련 기능 구현, Playground 디렉토리 정리 imnyang 2025-05-26 00:56:03 +09:00
  • ba20dd9007
         제가 코드 통일성이 없었네요... imnyang 2025-05-25 22:28:56 +09:00
  • f1bbb948e9 FEAT : AccessToken 및 각종 토큰 존재 여부 확인하는 controller 작성, 테스트 필요 KMINGON 2025-05-25 21:43:21 +09:00
  • 11b6e479dd
         Merge pull request #1 from whs-authz-authn-project/imnyang 암냥 (imnyang) 2025-05-25 20:55:57 +09:00
  • 2e1eb7a3ab PKCE Downgrade만 체킹한다고요? 아뇨 이제 PKCE가 있는지도 확인할겁니다. 이거도 좀 줄이고 imnyang 2025-05-25 20:55:19 +09:00
  • a5e48ed374 [Add] 모든 브랜치로 적용 imnyang 2025-05-25 20:38:36 +09:00
  • 2601997ed5 GitHub Actions, PKCE Downgrade 추가, PlayGround 추가 imnyang 2025-05-25 20:37:18 +09:00
  • 12f635c77b What's happening!! imnyang 2025-05-25 16:59:51 +09:00
  • c355038288 nonce check sultanofdisco 2025-05-24 14:25:44 +09:00
  • f901464c3a [Remove] backend build file tv0924@icloud.com 2025-05-19 12:15:33 +09:00
  • b41b086980 [Remove] backend build file tv0924@icloud.com 2025-05-19 12:13:43 +09:00
  • cc52c85fd5 [File] caido에서 바로 사용할 수 있는 zip 파일 추가 tv0924@icloud.com 2025-05-19 11:12:18 +09:00
  • 889d7cfbf2 [Add] is authZ|implict grant type tv0924@icloud.com 2025-05-19 11:08:20 +09:00
  • d21ee1eac0
         Initial commit James 2025-05-19 11:02:40 +09:00