parser-differential-bypass
OfficialExploit parsing mismatches to bypass security controls.
System Documentation
What problem does it solve?
This Skill addresses critical security gaps that emerge when different system layers (including frontends, backends, reverse proxies, WAFs, and CDNs) parse the same input differently, leading to undetected bypasses of authentication, access control lists, and input validation filters.
Core Features & Use Cases
- Multi-Layer Parsing Exploit Techniques: Covers methods for exploiting duplicate JSON key handling, conflicting Authorization header processing, content-type confusion, HTTP parameter pollution, path normalization mismatches, and URL encoding desyncs.
- Red Team Testing Use Case: Security professionals can use this Skill to identify and exploit parser differential vulnerabilities in web applications during authorized penetration tests and red teaming engagements.
Quick Start
Use the parser-differential-bypass skill to test a target web application for authentication bypass vulnerabilities by submitting duplicate JSON keys and conflicting Authorization headers through its proxy layer.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: parser-differential-bypass Download link: https://github.com/dreadnode/capabilities/archive/main.zip#parser-differential-bypass Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.