A tool that detects unauthorized access vulnerabilities through passive proxies, leveraging mainstream AI systems such as Kimi, DeepSeek, GPT, and others.
-
Updated
Jul 3, 2026 - Go
A tool that detects unauthorized access vulnerabilities through passive proxies, leveraging mainstream AI systems such as Kimi, DeepSeek, GPT, and others.
Advisory for CVE-2020-28054 & stack based buffer overflow in IBM Tivoli Storage Manager
An intentionally vulnerable PHP web application designed for ethical hacking and cybersecurity training. Learn to exploit and secure vulnerabilities like SQL Injection, Authentication Bypass, and more in a controlled environment.
403‑Killchain fuses four independent bypass engines into a single, silent binary. Each engine uses a unique strategy to turn 403 Forbidden into 200 OK. They run in parallel, and the results are merged into one clear, actionable report. No more running multiple tools, no more missed tricks. One command, one killchain.
Lab + writeup for CVE-2026-28699: Gitea OAuth2 scope enforcement bypass via HTTP Basic auth
🎓 Complete IDOR (Insecure Direct Object Reference) Guide: Beginner → Advanced
Italian technical writeup on a WordPress REST API featured_media authorization boundary issue
CVE-2026-25197: Authorization Bypass via IDOR — Gardyn Home Kit (ICSA-26-055-03)
Add a description, image, and links to the authorization-bypass topic page so that developers can more easily learn about it.
To associate your repository with the authorization-bypass topic, visit your repo's landing page and select "manage topics."