Skills
.Work. You
Rest

web-vuln-idor

Community

Thorough IDOR detection across all web vectors

Software Engineering#testing#security#vulnerability#api#web#idor
Authorwoohyun212
Version1.0.0
Installs0

System Documentation

What problem does it solve?

IDOR vulnerabilities allow attackers to access or modify resources belonging to other users by manipulating object identifiers, leading to data leaks, account takeover, and privilege escalation.

Core Features & Use Cases

  • Multi-variant testing: Automates checks for numeric IDs, UUIDs, encoded IDs, parameter pollution, GraphQL node queries, WebSocket messages, API version downgrades, and mass‑assignment flaws.
  • Two‑account workflow: Uses attacker and victim tokens to verify unauthorized access across realistic scenarios.
  • Impact assessment: Classifies severity, provides chain escalation paths, and demonstrates scale by enumerating multiple IDs.

Quick Start

Ask the AI to run the web‑vuln‑idor skill against the target URL with the required tokens to discover IDOR weaknesses.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: web-vuln-idor
Download link: https://github.com/woohyun212/security-skill/archive/main.zip#web-vuln-idor

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.