broken-access-control

This repository contains OWASP Top 10 CTF challenges designed to test your skills in web application security. Each category includes both "easy" and "hard" challenges.

kubernetes crypto xml xss-vulnerability ssrf owasp-top-10 sql-injection-exploitation security-misconfiguration broken-access-control security-logging-and-monitoring vulnerable-and-outdated-components

Updated Nov 18, 2023
Python

LittleHaku / cybersecurity-proj1

Star

Django website with intentional security flaws and their fixes to demonstrate vulnerabilities commonly found in web applications. Flaws include SQL injection, broken access control, SSRF, security misconfiguration, and CSRF.

django cybersecurity sql-injection csrf ssrf broken-access-control

Updated Nov 20, 2023
Python

dub-flow / sessionprobe

Star

SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.

pentesting-tool broken-access-control

Updated Mar 28, 2024
Go

AndreCoutinhom / owasp-top-10

Star

Curso de OWASP Top 10: de Injections a monitoramento.

monitoring logging injection owasp owasp-top-10 sensitive-data-exposure cross-site-scripting broken-authentication security-misconfiguration insecure-deserialization broken-access-control xml-external-entities-xxe

Updated Jun 26, 2024

dev-angelist / Web-Application-Penetration-Tester-WAPT-Notes

Star

Web Application Penetration Tester (WAPT) Notes

injection owasp webapp owasp-zap burpsuite owasp-top-10 injection-attacks webapplicationhacking wapt waptx broken-access-control webapppentesting webapplicationsecurity webappplicationtesting webapppentest

Updated Nov 9, 2024

m3ssap0 / wordpress-jetpack-broken-access-control-vulnerable-application

Star

WARNING: This is a vulnerable application to test the exploit for the Jetpack < 13.9.1 broken access control (CVE-2024-9926). Run it at your own risk!

wordpress jetpack vulnerable-application broken-access-control cve-2024-9926

Updated Nov 9, 2024
Dockerfile

sule01u / AutorizePro

Star

🧿 AutorizePro是一款强大越权检测 Burp 插件，通过增加 AI 辅助分析 && 进一步优化检测逻辑，大幅降低误报率，提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

ai authorization pentesting bugbounty vulnerability-detection burpsuite security-tools burp-extensions pentest-tool bounty-hunters idor unauthorized sdlc-tools bounty-hunting-tools broken-access-control llm idor-vulnerability unauthorized-access-tool

Updated Nov 18, 2024
Python

Improve this page

Add a description, image, and links to the broken-access-control topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the broken-access-control topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

broken-access-control

Here are 13 public repositories matching this topic...

abeker / OWASP-Top-10-Front

abeker / OWASP-Top-10

dorabz / security-vulnerabilities-django

JacYuan1 / Insecure-Blog-Application-Project

Chocapikk / CVE-2023-22515

AIex-3 / confluence-hack

NullChapter / Challenges_2023_OWASP_10

LittleHaku / cybersecurity-proj1

dub-flow / sessionprobe

AndreCoutinhom / owasp-top-10

dev-angelist / Web-Application-Penetration-Tester-WAPT-Notes

m3ssap0 / wordpress-jetpack-broken-access-control-vulnerable-application

sule01u / AutorizePro

Improve this page

Add this topic to your repo