auth_attack

Community

Identify and exploit authentication vulnerabilities in web applications.

Authorbingook
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill detects and demonstrates various authentication vulnerabilities in web applications, allowing security professionals to identify and address potential weaknesses.

Core Features & Use Cases

  • Account Enumeration: Detects possible valid usernames by analyzing response differences.
  • Password Spray: Attempts common passwords across valid accounts to bypass account lockout.
  • Login Logic Bypass: Tests for SQL injection, NoSQL injection, and type juggling vulnerabilities in login forms.
  • Password Reset Attack: Exploits host header injection and token prediction to bypass password reset.
  • MFA/2FA Bypass: Demonstrates methods to bypass multi-factor authentication and two-factor authentication.
  • Session Hijacking: Exploits session fixation and session reuse vulnerabilities.

Quick Start

Run the auth_attack skill on a target URL to scan for authentication vulnerabilities.

Dependency Matrix

Required Modules

httpxrequestsre

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: auth_attack
Download link: https://github.com/bingook/bingo/archive/main.zip#auth-attack

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.