access-control-test
CommunityValidate OWASP A01 in web apps with comprehensive authorization checks.
Software Engineering#authorization#vulnerability assessment#web security#data security#privilege escalation#OWASP A01
Authorjassics
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill unit tests the authorization in web applications to ensure adherence to OWASP A01 standards, detecting vulnerabilities like IDOR, BOLA, and privilege escalation.
Core Features & Use Cases
- IDOR/BOLA Testing: Identify and protect against improper object reference errors leading to data breaches.
- Function-level Access Control: Check if normal users can access admin or privileged functions.
- Privilege Escalation: Validate against attempts to escalate user privileges.
- Forced Browsing: Ensure resources and pages not linked are not accessible by role.
- Ownership Checks: Test that write operations respect user ownership rules.
- Use Case: When conducting security assessments for a web application, use this Skill to ensure the application is enforcing authorization at the server-side for all objects and functions.
Quick Start
Execute the 'access-control-test' skill with the required roles and sensitive objects.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: access-control-test Download link: https://github.com/jassics/awesome-claude-security/archive/main.zip#access-control-test Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.