parser-differential-bypass

Official

Exploit parsing mismatches to bypass security controls.

Authordreadnode
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill addresses critical security gaps that emerge when different system layers (including frontends, backends, reverse proxies, WAFs, and CDNs) parse the same input differently, leading to undetected bypasses of authentication, access control lists, and input validation filters.

Core Features & Use Cases

  • Multi-Layer Parsing Exploit Techniques: Covers methods for exploiting duplicate JSON key handling, conflicting Authorization header processing, content-type confusion, HTTP parameter pollution, path normalization mismatches, and URL encoding desyncs.
  • Red Team Testing Use Case: Security professionals can use this Skill to identify and exploit parser differential vulnerabilities in web applications during authorized penetration tests and red teaming engagements.

Quick Start

Use the parser-differential-bypass skill to test a target web application for authentication bypass vulnerabilities by submitting duplicate JSON keys and conflicting Authorization headers through its proxy layer.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: parser-differential-bypass
Download link: https://github.com/dreadnode/capabilities/archive/main.zip#parser-differential-bypass

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.