Advanced automated IDOR testing tool with UUID fuzzing, JWT analysis, GraphQL support, POST request fuzzing, and smart ID parameter discovery.
Updated Mar 18, 2026 - Python
Hands-on CTF-style Broken Access Control lab for Node/Express, covering IDOR, vertical privilege escalation, JWT abuse, batch authorization bypass, and multi-tenant isolation.
Official write-up for the E-Bazaar spotlight challenge from ISSessions FantasyCTF 2026. Covers IDOR, business logic bypasses, and insecure cookie manipulation.
High-performance vulnerability engine for modern repos. Automate the hunt for API leaks, BOLA, and logic flaws. Build secure, audit early, trust nothing.