a07-auth-failures

star 0

Skills for exploiting authentication and session management vulnerabilities including JWT, OAuth, and 2FA bypass per OWASP A07:2021.

omkar-ukirde

By omkar-ukirde schedule Updated 2/2/2026

play_arrow Run Skill in Manus View GitHub

name: a07-auth-failures description: Skills for exploiting authentication and session management vulnerabilities including JWT, OAuth, and 2FA bypass per OWASP A07:2021. compatibility: Requires jwt_tool, hashcat allowed-tools: jwt-tool hashcat burpsuite curl metadata: owasp: A07:2021 category: web

Identification and Authentication Failures (OWASP A07)

Weaknesses in authentication mechanisms and session management.

Skills

JWT Attacks - JSON Web Token exploitation
OAuth Attacks - OAuth flow manipulation
Session Attacks - Session fixation and hijacking
2FA Bypass - Two-factor authentication bypass
Password Reset - Reset flow exploitation

Quick Reference

Attack	Target	Technique
JWT	Token auth	Algorithm confusion, weak secret
OAuth	SSO/social login	Redirect manipulation
Session	Cookies	Fixation, hijacking
2FA	MFA	Direct access, brute force

Install via CLI

npx skills add https://github.com/omkar-ukirde/Cyber-Security-Agent-skills --skill a07-auth-failures

Repository Details

star Stars 0

call_split Forks 0

navigation Branch main

article Path SKILL.md

More from Creator

omkar-ukirde

omkar-ukirde Explore all skills →