#Idor
Showing 11 of 11 repositories tagged #idor, ranked by stars
Top disclosed reports from HackerOne
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.
IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.
✅ Experience the power of an automated Insecure Direct Object Reference (IDOR) vulnerability detection tool. Safeguard your applications with cutting-edge technology that identifies potential security weaknesses in an efficient and streamlined manner.
Welcome SecToolkit repository! This is a comprehensive collection of cybersecurity and bug bounty hunting topics. Here, you'll find a variety of resources, notes, and practical projects aimed at enhancing knowledge and skills in identifying and mitigating security vulnerabilities.
Documenting my security research journey: This repository contains detailed vulnerability write-ups, proof-of-concept (PoC) exploits, and the custom automation tools I use for reconnaissance and system assessment.
The Java Burp Extension version of my BypassFuzzer tool
Burp Suite extension + port-based highlighter: dedupes HTTP history into a live unique-request feed and color-codes attacker/victim traffic by listener port (PwnFox-style) — built for Android/iOS multi-account IDOR/BOLA testing, with Magic Cookie, Match & Replace, and .http export for Claude Code / AI.
🎯 VISTA — AI-Powered Security Testing Assistant for Burp Suite. Real-time traffic analysis, 12 expert vulnerability templates, 80+ payloads, WAF detection & bypass. Supports OpenAI, Azure, and OpenRouter (FREE). Zero dependencies.