Here are 33 public repositories matching this topic...
🧿 AutorizePro is a powerful authorization enforcement detection extension for Burp Suite. By adding AI-assisted analysis and further optimizing the detection logic, it significantly reduces the false positive rate and improves the efficiency of detecting broken access control vulnerabilities.
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
CVE-2023-22515: Confluence Broken Access Control Exploit
Web Application Penetration Tester (WAPT) Notes
This repository contains OWASP Top 10 CTF challenges designed to test your skills in web application security. Each category includes both "easy" and "hard" challenges.
Slides and PoCs for my DEF CON 33 & HOU.SEC.CON 2025 talk on overlooked attack surfaces across Apple's ecosystem.
The goal of this project is to show how unit test tags can be used to help ensure that specific aspects of an application are verified.
Bachelor’s Work - WEB programming
CVE-2025-41090 (brokeCLAUDIA): Broken access control in microCLAUDIA, the anti-ransomware platform by CCN-CERT.
Fixing an Insecure Blog Application.
A Duolingo hack that lets you stack up gems
👁 eventmaster
The most hackable Ticket-Shop!
BuggyBuy: Deliberately Vulnerable MERN Stack Web Application for Security Testing
Django website with intentional security flaws and their fixes to demonstrate vulnerabilities commonly found in web applications. Flaws include SQL injection, broken access control, SSRF, security misconfiguration, and CSRF.
WARNING: This is a vulnerable application to test the exploit for the Jetpack < 13.9.1 broken access control (CVE-2024-9926). Run it at your own risk!
This repository serves as the PoW of my 3-month remote internship cum training at Cyber Secured India
Project in Django Python on theme Security vulnerabilities - Sensitive data exposure, Broken Access Control.
An intelligent Web API security auditing tool powered by LLMs. It automates the detection, verification, and risk assessment of complex Broken Access Control (IDOR) vulnerabilities by understanding business logic and analyzing JSON schema overlaps.