Pentesting Live Targets

Exploit tool for IDORs in Bestiefy

A python script to IDOR exploration

Hospital's Patient Records Management System v1.0 - 'id' Insecure direct object references (IDOR) leads to Account TakeOver

CIDOR, aka Canvas IDOR, is a fuzzer/downloader/cleaner using common structures used by colleges for document retrieval. Watch the POC video for CIDOR finding previous Stanford University Mid-term Tests/Answers.

solutions of hack-yourself-first

Capture the Flag (CTF) is a cybersecurity competition that is used as a test of security skills.

An easy ctf - Authentication Bypassing using IDOR vulnerability

Writeups for portswigger labs.

This repository is designed for IDOR vulnerabilities in a web application.

A sensible no bullshit repo of summaries of reports on hackerone, bugcrowd and alike, that makes straight up sense and make it easy to repeat and automate. This is supposed to serve as my personal reference, but should be a good public index reference for like minded.

✅ Experience the power of an automated Insecure Direct Object Reference (IDOR) vulnerability detection tool. Safeguard your applications with cutting-edge technology that identifies potential security weaknesses in an efficient and streamlined manner.

HTTPeeper is a quick way to perform HTTP requests using GET, POST, PUT, DELETE, PATCH, and OPTIONS to a specified URL. HTTPeeper is tool to investigate web interactions across different HTTP methods.

uuidv1 exploit kit

Broken Access Control Labs (IDOR)

idorproject

Project developed for the Security Testing course.

Welcome SecToolkit repository! This is a comprehensive collection of cybersecurity and bug bounty hunting topics. Here, you'll find a variety of resources, notes, and practical projects aimed at enhancing knowledge and skills in identifying and mitigating security vulnerabilities.

Top disclosed reports from HackerOne

🧿 AutorizePro是一款强大越权检测 Burp 插件，通过增加 AI 辅助分析 && 进一步优化检测逻辑，大幅降低误报率，提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.