by mukul975
exploiting-idor-vulnerabilities helps authorized security audits test Insecure Direct Object Reference flaws across APIs, web apps, and multi-tenant systems with cross-session checks, object mapping, and read/write verification.
by mukul975
exploiting-api-injection-vulnerabilities skill for Security Audit teams testing APIs for SQL injection, NoSQL injection, command injection, LDAP injection, and SSRF across parameters, headers, and request bodies. This guide helps you spot risky inputs, compare baseline responses, and validate whether backend interactions are injectable.
by mukul975
detecting-api-enumeration-attacks helps Security Audit teams detect API probing, BOLA, and IDOR by analyzing sequential IDs, 404 bursts, authorization failures, and docs discovery paths. It is built for log-driven detection guidance, rule drafting, and practical review of API abuse patterns.
