auth-bypass

star 4.3k

Hunt authentication/authorization bypass in route guards, role checks, tenant boundaries, and state-machine transitions.

PurpleAILAB By PurpleAILAB schedule Updated 6/2/2026
play_arrow Run Skill in Manus View GitHub

name: auth-bypass description: Hunt authentication/authorization bypass in route guards, role checks, tenant boundaries, and state-machine transitions. metadata: subdomain: web-exploitation when_to_use: "authentication authorization bypass route guard role check tenant boundary state machine transition session jwt"

Auth Bypass Playbook

Targets

  • Endpoints with role-based access
  • Admin-only routes
  • Tenant-scoped resources
  • Multi-step auth flows (MFA, password reset)

Common failure patterns

  • Missing middleware on one route variant
  • Trusting client-controlled role/tenant fields
  • TOCTOU between check and action
  • Alternate API versions lacking guard checks

Validation

  • Positive: low-priv session performs high-priv action.
  • Negative: same request with expected guard path should deny.
Install via CLI
npx skills add https://github.com/PurpleAILAB/Decepticon --skill auth-bypass
Repository Details
star Stars 4,323
call_split Forks 860
navigation Branch main
article Path SKILL.md
Occupations
Information Security Analysts
More from Creator
PurpleAILAB
PurpleAILAB Explore all skills →