access-control-test

Community

Validate OWASP A01 in web apps with comprehensive authorization checks.

Authorjassics
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill unit tests the authorization in web applications to ensure adherence to OWASP A01 standards, detecting vulnerabilities like IDOR, BOLA, and privilege escalation.

Core Features & Use Cases

  • IDOR/BOLA Testing: Identify and protect against improper object reference errors leading to data breaches.
  • Function-level Access Control: Check if normal users can access admin or privileged functions.
  • Privilege Escalation: Validate against attempts to escalate user privileges.
  • Forced Browsing: Ensure resources and pages not linked are not accessible by role.
  • Ownership Checks: Test that write operations respect user ownership rules.
  • Use Case: When conducting security assessments for a web application, use this Skill to ensure the application is enforcing authorization at the server-side for all objects and functions.

Quick Start

Execute the 'access-control-test' skill with the required roles and sensitive objects.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: access-control-test
Download link: https://github.com/jassics/awesome-claude-security/archive/main.zip#access-control-test

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.