a01-broken-access-control

Skills for testing broken access control vulnerabilities including IDOR, CSRF, CORS misconfigurations, and open redirects per OWASP A01:2021.

By omkar-ukirde, updated 2/2/2026

name: a01-broken-access-control
description: Skills for testing broken access control vulnerabilities including IDOR, CSRF, CORS misconfigurations, and open redirects per OWASP A01:2021.
compatibility: Requires Burp Suite for testing
allowed-tools: burpsuite curl
metadata:
  owasp: A01:2021
  category: web

Broken Access Control (OWASP A01)

Access control enforces policy such that users cannot act outside their intended permissions.

Skills

  • IDOR - Insecure Direct Object Reference exploitation
  • CSRF - Cross-Site Request Forgery attacks
  • CORS Bypass - CORS misconfiguration exploitation
  • Open Redirect - URL redirect manipulation

Quick Reference

| Attack | Risk | Detection |
|---|---|---|
| IDOR | High | Modify object IDs in requests |
| CSRF | Medium | Check for missing/weak tokens |
| CORS | Medium | Test Origin header reflection |
| Open Redirect | Low-Medium | Test redirect parameters |

Install via CLI
npx skills add https://github.com/omkar-ukirde/Cyber-Security-Agent-skills --skill a01-broken-access-control
Repository Details

  • Stars: 0
  • Forks: 0
  • Branch: main
  • Path: SKILL.md