testing-api-authentication-weaknesses
CommunityUncover API auth weaknesses safely.
Software Engineering#authentication#jwt#api-security#pentest#security-testing#token-revocation#account-enumeration
AuthorAcczdy
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill automates the detection and assessment of API authentication weaknesses by analyzing tokens, endpoints, and session lifecycle across services.
Core Features & Use Cases
- Detects broken authentication vectors such as alg:none, weak JWT secrets, missing exp, and token leakage in URLs or logs.
- Evaluates token revocation and refresh flows, account enumeration, and session management across REST APIs.
- Provides workflow guidance for red-team style testing in development, staging, and security assessment scenarios.
Quick Start
Run the agent against your API base URL to begin automated authentication weakness testing and generate a report.
Dependency Matrix
Required Modules
requests
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: testing-api-authentication-weaknesses Download link: https://github.com/Acczdy/MoZiSec/archive/main.zip#testing-api-authentication-weaknesses Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.