scan-fase-11
CommunityUncover auth bypasses via headers and paths.
Software Engineering#authorization#authentication#web-security#pentest#auth-bypass#path-traversal#header-manipulation
Authorricardoo022
Version1.0.0
Installs0
System Documentation
What problem does it solve?
The skill helps security testers identify authentication and authorization bypass vulnerabilities by systematically applying header manipulations, path tricks, and protected-route testing across modern web apps.
Core Features & Use Cases
- Header-based bypass testing (11.1) using X-Original-URL, X-Rewrite-URL, and related headers to access protected routes.
- Path and extension bypass techniques (11.2) including path normalization, URL encoding, and traversal to reach restricted endpoints.
- Protected routes discovery and testing (11.3) to determine which routes are accessible without authentication and which require authorization, across admin, dashboard, API, and debug paths.
- Extended techniques and adaptive strategies for layered bypass attempts, enabling comprehensive coverage across architectures.
Quick Start
Invoke with /scan-fase-11 {url} after initial reconnaissance to begin auth bypass testing against the target application.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: scan-fase-11 Download link: https://github.com/ricardoo022/PentestAI-with-claude-code/archive/main.zip#scan-fase-11 Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.