chain-idor-to-priv-esc

star 4.3k

Build chains where IDOR enables privilege escalation and high-impact control-plane actions.

PurpleAILAB By PurpleAILAB schedule Updated 6/2/2026
play_arrow Run Skill in Manus View GitHub

name: chain-idor-to-priv-esc description: Build chains where IDOR enables privilege escalation and high-impact control-plane actions. metadata: subdomain: web-exploitation when_to_use: "idor chain privilege escalation control plane high impact horizontal vertical authorization bypass"

Chain: IDOR to Privilege Escalation

Canonical path

  1. IDOR modifies another user's sensitive object.
  2. Escalate role/permissions or steal recovery token.
  3. Perform admin-level action and show impact.

Validation

Demonstrate before/after authorization state and downstream privileged action evidence.

Install via CLI
npx skills add https://github.com/PurpleAILAB/Decepticon --skill chain-idor-to-priv-esc
Repository Details
star Stars 4,323
call_split Forks 860
navigation Branch main
article Path SKILL.md
Occupations
Information Security Analysts
More from Creator
PurpleAILAB
PurpleAILAB Explore all skills →