hunt-misc
CommunityFind high-value misc auth and logic bugs fast.
Software Engineering#misconfiguration#header injection#security hunting#authorization logic#token scope#SSO SAML#invitation bypass
AuthorAKasem1
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Hunting for high-impact but less “obvious” vulnerability classes (misc access control failures, token/scope issues, invitation and SSO logic bugs, and misconfiguration-driven auth failures) is slow and often gets stuck on incomplete validation.
Core Features & Use Cases
- Role and permission boundary validation to confirm privilege differences with response-body differentials and concrete repro steps.
- Token, invitation, and post-removal access testing to detect stale sessions, multi-use tokens, and authorization gaps across user lifecycle events.
- Integration and config-driven vulnerability probing for SSRF/token exfil paths, header injection surfaces, SSO parsing weaknesses, and package-registry misconfigurations.
Quick Start
Ask the AI to hunt for misc vulnerabilities on https://target.example, focusing on invitation, token scope, SSO/callback logic, and cross-tenant access with a reproducible report.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: hunt-misc Download link: https://github.com/AKasem1/claude-bug-bounty/archive/main.zip#hunt-misc Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.