mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 11:35:51 +00:00

Files

T

History

copilot-swe-agent[bot] ba72efbc5e Restructure repository: Remove OWASP categorization, organize by vulnerability type

Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>

2026-01-04 19:01:04 +00:00

auth-bypass-payloads.txt

Restructure repository: Remove OWASP categorization, organize by vulnerability type

2026-01-04 19:01:04 +00:00

README.md

Restructure repository: Remove OWASP categorization, organize by vulnerability type

2026-01-04 19:01:04 +00:00

README.md

Authentication Bypass

Description

Authentication bypass vulnerabilities allow an attacker to gain access to a system without providing valid credentials. These vulnerabilities can result from flawed authentication logic, improper session management, or weak authentication mechanisms.

Common Attack Vectors

Login forms
Password reset functionality
Multi-factor authentication
Session tokens
JWT tokens
OAuth flows

Testing Approach

Test authentication mechanisms for logical flaws, parameter manipulation, and bypass techniques that allow unauthorized access.

Payloads

See auth-bypass-payloads.txt for a comprehensive list of authentication bypass payloads and techniques.