Livesecurityshipped v1.0.0
API Auth Pattern Detector
Analyze HTTP response headers and request patterns to automatically detect the authentication mechanism in use. Identifies OAuth2 flows, session-based auth, API keys, HMAC signatures, and custom token schemes. Provides a breakdown of the detected pattern with recommendations for automation.
apiauthoauth2reverse-engineeringdetection
JWT Bearer TokenHigh
Stateless authentication with JSON Web Tokens. Common in modern APIs and SPAs.
→ Authorization: Bearer header
→ Token looks like a JWT
CSRF Token ProtectionMedium
Anti-CSRF token in custom header. Usually paired with session cookies.
→ CSRF token header detected
Session CookieHigh
Cookie-based authentication (server-side session or cookie-stored token).
→ Cookie header
→ Session/auth-named cookie
🔒 Heuristic detection. Combine with the cURL Flow Visualizer for multi-request analysis.