hunting/OWASP-Top-10/A01-Broken-Access-Control/README.md
2026-01-04 18:24:32 +00:00

# A01 - Broken Access Control
## Description
Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification or destruction of all data, or a user performing a business function outside their limits.
## Common Vulnerabilities
- Path Traversal
- IDOR (Insecure Direct Object References)
- Missing Function Level Access Control
- Forced Browsing
- Privilege Escalation
## Testing Approach
Test for access control by manipulating URLs and parameters, and by attempting to access resources without proper authorization.
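
The check behind an IDOR finding can be expressed as an access-matrix test: state the policy once, call the handler as every user against every object, and report each pair where the handler's decision differs from the policy. The sketch below is an added example, not part of this repository; the `User` type, the invoice data, and both handlers are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    role: str  # "user" or "admin"

# Constructed sample data: invoice id -> (owner name, body)
INVOICES = {101: ("alice", "alice invoice"), 102: ("bob", "bob invoice")}
USERS = [User("alice", "user"), User("bob", "user"), User("carol", "admin")]

class Forbidden(Exception):
    pass

def get_invoice_vulnerable(user, invoice_id):
    # IDOR: the object is fetched by the client-supplied id; the owner is never checked.
    return INVOICES[invoice_id][1]

def get_invoice_checked(user, invoice_id):
    # Deny by default; allow only the owner or an admin.
    owner, body = INVOICES[invoice_id]
    if user.role != "admin" and user.name != owner:
        raise Forbidden(f"{user.name} may not read invoice {invoice_id}")
    return body

def expected_allowed(user, invoice_id):
    # The policy, stated independently of either handler.
    return user.role == "admin" or INVOICES[invoice_id][0] == user.name

def access_violations(handler):
    """Call handler for every (user, invoice) pair and return the pairs
    where the handler's decision differs from the policy."""
    violations = []
    for user in USERS:
        for invoice_id in INVOICES:
            try:
                handler(user, invoice_id)
                granted = True
            except Forbidden:
                granted = False
            if granted != expected_allowed(user, invoice_id):
                violations.append((user.name, invoice_id))
    return violations

if __name__ == "__main__":
    print("vulnerable:", access_violations(get_invoice_vulnerable))
    print("checked:   ", access_violations(get_invoice_checked))
```

Because the comparison runs in both directions, the same matrix also catches over-restriction, such as an admin or owner being denied.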