broken-access-control

There are 15 repositories under broken-access-control topic.

dub-flow/sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
Language:Go447 8 134
Chocapikk/CVE-2023-22515
CVE-2023-22515: Confluence Broken Access Control Exploit
Language:Python132 4 029
AIex-3/confluence-hack
CVE-2023-22515
Language:Java50 1 07
WuliRuler/AutorizePro
🧿 AutorizePro是一款强大越权检测 Burp 插件，通过增加 AI 辅助分析 && 进一步优化检测逻辑，大幅降低误报率，提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.
Language:Python24 1 14
dev-angelist/Web-Application-Penetration-Tester-WAPT-Notes
Web Application Penetration Tester (WAPT) Notes
10 1 08
NullChapter/Challenges_2023_OWASP_10
This repository contains OWASP Top 10 CTF challenges designed to test your skills in web application security. Each category includes both "easy" and "hard" challenges.
Language:Python5 0 01
abeker/OWASP-Top-10-Front
Bachelor’s Work - WEB programming
Language:TypeScript3 2 00
JacYuan1/Insecure-Blog-Application-Project
Fixing an Insecure Blog Application.
Language:PHP2 1 00
m3ssap0/wordpress-jetpack-broken-access-control-vulnerable-application
WARNING: This is a vulnerable application to test the exploit for the Jetpack < 13.9.1 broken access control (CVE-2024-9926). Run it at your own risk!
Language:Dockerfile2 1 00
abeker/OWASP-Top-10
Bachelor’s Work - WEB programming
Language:Java1 2 01
dorabz/security-vulnerabilities-django
Project in Django Python on theme Security vulnerabilites - Sensitive data exposure, Broken Access Control.
Language:Python1 1 01
LittleHaku/cybersecurity-proj1
Django website with intentional security flaws and their fixes to demonstrate vulnerabilities commonly found in web applications. Flaws include SQL injection, broken access control, SSRF, security misconfiguration, and CSRF.
Language:Python1 1 00
AndreCoutinhom/owasp-top-10
Curso de OWASP Top 10: de Injections a monitoramento.
1 0
epmyas2022/uped-vunerabilidad
Script que permite obtener la información de estudiantes y la sesion de un usuario en el portal de la universidad. Ademas de poder inyectar codigo SQL en una cookie en la base de datos de la universidad.
Language:JavaScript
Mumoide/app_segura
Aplicación web desarrollada para asignatura Seguridad en Sistemas Computacionales
Language:TypeScript

broken-access-control

dub-flow/sessionprobe

Chocapikk/CVE-2023-22515

AIex-3/confluence-hack

WuliRuler/AutorizePro

dev-angelist/Web-Application-Penetration-Tester-WAPT-Notes

NullChapter/Challenges_2023_OWASP_10

abeker/OWASP-Top-10-Front

JacYuan1/Insecure-Blog-Application-Project

m3ssap0/wordpress-jetpack-broken-access-control-vulnerable-application

abeker/OWASP-Top-10

dorabz/security-vulnerabilities-django

LittleHaku/cybersecurity-proj1

AndreCoutinhom/owasp-top-10

epmyas2022/uped-vunerabilidad

Mumoide/app_segura