bola-idor
OfficialFind Broken Object Level Authorization
Authorsecurityfortech
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps identify vulnerabilities where an application fails to properly check if a user is authorized to access or modify specific data objects, often leading to unauthorized data access or manipulation.
Core Features & Use Cases
- BOLA/IDOR Detection: Specifically targets Broken Object Level Authorization and Insecure Direct Object Reference vulnerabilities.
- API & Web App Focus: Designed for testing APIs and web applications, especially those handling user-specific resources.
- Use Case: An attacker uses this skill to change an object ID in a URL or API request to access another user's private data, such as viewing or modifying another customer's order.
Quick Start
Use the bola-idor skill to test for authorization bypasses by changing object IDs in API requests.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: bola-idor Download link: https://github.com/securityfortech/hacking-skills/archive/main.zip#bola-idor Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.