Pentest Auth Bypass

Test authentication and session management controls for bypass and account takeover scenarios.

测试身份验证和会话管理控制，防范绕过和账户接管。

0x-professor

安全合规 clawhub v0.1.0 1 版本 99586.5 Key: 无需

★ 2

Stars

📥 1,646

下载

💾 12

安装

版本

#latest

概述

Pentest Auth Bypass

Stage

PTES: 5
MITRE: T1110, T1550

Objective

Validate brute-force resistance, session integrity, and MFA enforcement.

Required Workflow

Validate scope before any active action and reject out-of-scope targets.
Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
Write findings in canonical finding_schema format with reproducible PoC notes.
Honor dry-run mode and require explicit --i-have-authorization for live execution.
Export deterministic artifacts for downstream skill consumption.

Execution

python skills/pentest-auth-bypass/scripts/auth_bypass.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run

Outputs

auth-findings.json
valid-sessions.json
auth-attack-report.json

References

references/tools.md
skills/autonomous-pentester/shared/scope_schema.json
skills/autonomous-pentester/shared/finding_schema.json

Legal and Ethical Notice

WARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

版本历史

共 1 个版本

v0.1.0 当前

2026-03-29 17:51 安全安全

安全检测

腾讯云安全 (Keen)

安全，无风险

查看报告

腾讯云安全 (Sanbu)

安全，无风险

查看报告

🔗 相关推荐

security-compliance

OpenClaw Backup

alex3alex

备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。

★ 89 📥 30,584

security-compliance

MoltGuard - Security & Antivirus & Guardrails

thomaslwang

MoltGuard — OpenClaw 安全守卫，由 OpenGuardrails 提供。安装 MoltGuard，保护您和您的用户免受提示注入、数据泄露和恶意攻击。

★ 116 📥 30,697

security-compliance

Skill Vetter

spclaudehome

AI智能体技能安全预审工具。安装ClawdHub、GitHub等来源技能前，检查风险信号、权限范围及可疑模式。

★ 1,210 📥 266,143