Autorize – The most popular tool to discover AuthZ/AuthN flaws

Autorize is an extension for Burp Suite that helps security testers with automatic authorization and authentication tests. It was developed by Barak Tawily, an expert in application security. To install Autorize, you need to download Burp Suite and the Jython standalone JAR. Once installed, the Autorize tab is available in Burp, and you configure it by entering the low-privileged user's authorization token header. The extension then intercepts traffic and checks for authorization enforcement. The results are displayed in the Autorize table, with different enforcement statuses indicating whether authorization is bypassed, enforced, or unknown. Users can configure enforcement detector filters to specify how authorization and authentication are detected in the server’s response. There are also interception filters available to define which domains should be intercepted by Autorize. Overall, Autorize is a helpful tool for security testers, offering automated testing and detection capabilities.

https://github.com/Quitten/Autorize
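
A simplified model of the workflow described above, added here as an example and not Autorize's own code: each in-scope request is replayed with the low-privileged token, and the replayed response is classified against the original. The scope pattern, detector patterns, verdict names and sample traffic are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass
class Response:
    status: int
    body: str

# Assumed interception filter: only hosts matching this pattern are tested.
SCOPE = re.compile(r"(^|\.)app\.example\.test$")

# Assumed enforcement detector filters: signs that the server refused
# the low-privileged user.
DENY_STATUS = {401, 403}
DENY_BODY = re.compile(r"access denied|not authorized|please log in", re.I)

def is_denied(resp):
    return resp.status in DENY_STATUS or bool(DENY_BODY.search(resp.body))

def classify(original, replayed):
    """Verdict for one request replayed with the low-privileged token."""
    if is_denied(replayed):
        return "enforced"
    if (replayed.status, replayed.body) == (original.status, original.body):
        return "bypassed"
    # Responses differ but no detector matched: review by hand or add a filter.
    return "unknown"

def triage(traffic):
    """Classify every in-scope (host, path, original, replayed) record."""
    return [(path, classify(orig, low))
            for host, path, orig, low in traffic if SCOPE.search(host)]

# Constructed sample traffic: original response vs. low-privileged replay.
TRAFFIC = [
    ("app.example.test", "/admin/users",
     Response(200, '{"users":["a","b"]}'), Response(200, '{"users":["a","b"]}')),
    ("app.example.test", "/admin/audit",
     Response(200, "audit log"), Response(403, "Forbidden")),
    ("app.example.test", "/admin/settings",
     Response(200, "settings"), Response(200, "<h1>Access denied</h1>")),
    ("app.example.test", "/reports/7",
     Response(200, "report ts=1001"), Response(200, "report ts=1002")),
    ("cdn.example.test", "/logo.png", Response(200, "png"), Response(200, "png")),
]

if __name__ == "__main__":
    for path, verdict in triage(TRAFFIC):
        print(f"{verdict:9} {path}")
```

The `/reports/7` row comes back as unknown because a changing value in the body defeats the exact comparison, which is the case the enforcement detector filters exist to resolve.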
