williamzujkowski · November 17, 2025 05:07
diff --git a/authrest-scanner.py b/authrest-scanner.py
 #!/usr/bin/env python3
 """
 AuthREST-style API Authentication Scanner
 Parses OpenAPI specs and tests authentication patterns
 """
 import json
 import requests
 from typing import Dict, List, Optional
 from dataclasses import dataclass

 @dataclass
 class AuthTest:
    endpoint: str
    method: str
    auth_required: bool
    test_type: str

 class AuthRestScanner:
    def __init__(self, openapi_spec: Dict, base_url: str):
        self.spec = openapi_spec
        self.base_url = base_url
        self.results = []

    def parse_auth_requirements(self) -> List[AuthTest]:
        """Extract auth requirements from OpenAPI spec"""
        tests = []

        for path, methods in self.spec.get('paths', {}).items():
            for method, config in methods.items():
                if method == 'parameters':
                    continue

                security = config.get('security', [])
                auth_required = len(security) > 0

                tests.append(AuthTest(
                    endpoint=path,
                    method=method.upper(),
                    auth_required=auth_required,
                    test_type='auth_bypass'
                ))

        return tests

    def test_auth_bypass(self, test: AuthTest) -> Dict:
        """Test if endpoint enforces authentication"""
        url = f"{self.base_url}{test.endpoint}"

        try:
            # Test without auth token
            resp_no_auth = requests.request(test.method, url, timeout=5)

            # Test with invalid token
            headers = {'Authorization': 'Bearer invalid_token'}
            resp_bad_auth = requests.request(
                test.method, url, headers=headers, timeout=5
            )

            # Auth should be enforced
            vulnerable = (
                test.auth_required and
                resp_no_auth.status_code == 200
            )

            return {
                'endpoint': test.endpoint,
                'method': test.method,
                'vulnerable': vulnerable,
                'status_no_auth': resp_no_auth.status_code,
                'status_bad_auth': resp_bad_auth.status_code
            }
        except Exception as e:
            return {'error': str(e)}
	#!/usr/bin/env python3
	"""
	AuthREST-style API Authentication Scanner
	Parses OpenAPI specs and tests authentication patterns
	"""
	import json
	import requests
	from typing import Dict, List, Optional
	from dataclasses import dataclass

	@dataclass
	class AuthTest:
	endpoint: str
	method: str
	auth_required: bool
	test_type: str

	class AuthRestScanner:
	def __init__(self, openapi_spec: Dict, base_url: str):
	self.spec = openapi_spec
	self.base_url = base_url
	self.results = []

	def parse_auth_requirements(self) -> List[AuthTest]:
	"""Extract auth requirements from OpenAPI spec"""
	tests = []

	for path, methods in self.spec.get('paths', {}).items():
	for method, config in methods.items():
	if method == 'parameters':
	continue

	security = config.get('security', [])
	auth_required = len(security) > 0

	tests.append(AuthTest(
	endpoint=path,
	method=method.upper(),
	auth_required=auth_required,
	test_type='auth_bypass'
	))

	return tests

	def test_auth_bypass(self, test: AuthTest) -> Dict:
	"""Test if endpoint enforces authentication"""
	url = f"{self.base_url}{test.endpoint}"

	try:
	# Test without auth token
	resp_no_auth = requests.request(test.method, url, timeout=5)

	# Test with invalid token
	headers = {'Authorization': 'Bearer invalid_token'}
	resp_bad_auth = requests.request(
	test.method, url, headers=headers, timeout=5
	)

	# Auth should be enforced
	vulnerable = (
	test.auth_required and
	resp_no_auth.status_code == 200
	)

	return {
	'endpoint': test.endpoint,
	'method': test.method,
	'vulnerable': vulnerable,
	'status_no_auth': resp_no_auth.status_code,
	'status_bad_auth': resp_bad_auth.status_code
	}
	except Exception as e:
	return {'error': str(e)}
No results found