Claude Skill

IDOR Vulnerability Testing

This skill should be used when the user asks to "test for insecure direct object references," "find IDOR vulnerabilities," "exploit broken access control," "enumerate user IDs or object references," or "bypass authorization to access other users' data." It provides comprehensive guidance for detecting, exploiting, and remediating IDOR vulnerabilities in web applications.


Editorial Guide

What to do with this skill

Start with the workflow below, then drop into the upstream source only after the page has narrowed the job for you.


When to use it

Use it when you need Claude Code to follow the workflow defined in the upstream source instead of improvising from generic examples.

Install and setup notes

  • Open the upstream source before treating this page as install-ready, because not every official record is meant to be dropped into a workflow unchanged.
  • Keep the context narrow. These skills are usually strongest when you load only the branch, reference set, or workflow step that matches the current task.
  • If you plan to standardize on this skill for team use, pin the upstream repo and check for updates periodically instead of assuming the official defaults are static.

Example workflow

  1. Start with one narrow task that obviously fits the scope of this Claude Code skill instead of pulling it into every job by default.
  2. Read the overview and first source section, then choose the smallest branch of guidance or references that solves the task in front of you.
  3. Run the change on a real file, command, or workflow, verify the result, and only then widen the skill into a repeatable team pattern.

Compatible agents

This skill is explicitly marked for Claude Code.

Install source

This page does not expose a single copy-paste install command in the normalized record. Use the upstream install source below to confirm the exact steps, file paths, and current setup expectations before you add it to your stack.

Page Outline

  • Purpose
  • Inputs / Prerequisites
  • Outputs / Deliverables
  • Core Workflow

Source Content

Normalized top-level metadata comes from the directory layer. The body below is the upstream source content for this item.

IDOR Vulnerability Testing

Purpose

Provide systematic methodologies for identifying and exploiting Insecure Direct Object Reference (IDOR) vulnerabilities in web applications. This skill covers both database object references and static file references, detection techniques using parameter manipulation and enumeration, exploitation via Burp Suite, and remediation strategies for securing applications against unauthorized access.

Inputs / Prerequisites

  • **Target Web Application**: URL of application with user-specific resources
  • **Multiple User Accounts**: At least two test accounts to verify cross-user access
  • **Burp Suite or Proxy Tool**: Intercepting proxy for request manipulation
  • **Authorization**: Written permission for security testing
  • **Understanding of Application Flow**: Knowledge of how objects are referenced (IDs, filenames)

Outputs / Deliverables

  • **IDOR Vulnerability Report**: Documentation of discovered access control bypasses
  • **Proof of Concept**: Evidence of unauthorized data access across user contexts
  • **Affected Endpoints**: List of vulnerable API endpoints and parameters
  • **Impact Assessment**: Classification of data exposure severity
  • **Remediation Recommendations**: Specific fixes for identified vulnerabilities

Core Workflow

1. Understand IDOR Vulnerability Types

#### Direct Reference to Database Objects

Occurs when applications reference database records via user-controllable parameters:

# Original URL (authenticated as User A)
example.com/user/profile?id=2023

# Manipulation attempt (accessing User B's data)
example.com/user/profile?id=2022

#### Direct Reference to Static Files

Occurs when applications expose file paths or names that can be enumerated:

# Original URL (User A's receipt)
example.com/static/receipt/205.pdf

# Manipulation attempt (User B's receipt)
example.com/static/receipt/200.pdf

2. Reconnaissance and Setup

#### Create Multiple Test Accounts

Account 1: "attacker" - Primary testing account
Account 2: "victim" - Account whose data we attempt to access

#### Identify Object References

Capture and analyze requests containing:

  • Numeric IDs in URLs: `/api/user/123`
  • Numeric IDs in parameters: `?id=123&action=view`
  • Numeric IDs in request body: `{"userId": 123}`
  • File paths: `/download/receipt_123.pdf`
  • GUIDs/UUIDs: `/profile/a1b2c3d4-e5f6-...`

#### Map User IDs

# Access user ID endpoint (if available)
GET /api/user-id/

# Note ID patterns:
# - Sequential integers (1, 2, 3...)
# - Auto-incremented values
# - Predictable patterns
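To make the ID-pattern notes above actionable, here is an added example (not part of the upstream skill) that classifies harvested object references by how predictable they are: contiguous or gapped integers, time-based (v1) or random (v4) UUIDs, or opaque tokens, and says whether walking the id space is a realistic attack. The endpoint names, the sample reference lists and the MAX_GAP threshold are constructed assumptions for illustration; the two v1 samples are the RFC 4122 namespace UUIDs, used only because they are well known.

```python
import uuid
from dataclasses import dataclass
from typing import List, Optional

# Constructed samples standing in for references harvested from captured
# requests; none of these come from a real application.
OBSERVED = {
    "/api/user/{id}": ["1001", "1002", "1003", "1004"],
    "/download/receipt_{id}.pdf": ["200", "205", "207", "212"],
    "/profile/{id}": ["9f1c2e3a-7b4d-4c8e-9a1b-2c3d4e5f6a7b",
                      "0a1b2c3d-4e5f-4a6b-8c7d-9e0f1a2b3c4d"],
    "/invoice/{id}": ["6ba7b810-9dad-11d1-80b4-00c04fd430c8",
                      "6ba7b811-9dad-11d1-80b4-00c04fd430c8"],
}
MAX_GAP = 10  # assumption: gaps this small still look like one auto-increment counter


@dataclass
class Assessment:
    kind: str          # sequential-int, sparse-int, numeric, uuid-v4, uuid-v1, uuid-other, opaque
    enumerable: bool   # is walking the id space a realistic attack?
    note: str


def _ints(values: List[str]) -> Optional[List[int]]:
    try:
        return sorted(int(v) for v in values)
    except ValueError:
        return None


def _uuids(values: List[str]) -> Optional[List[uuid.UUID]]:
    try:
        return [uuid.UUID(v) for v in values]
    except ValueError:
        return None


def assess(values: List[str]) -> Assessment:
    """Classify one endpoint's observed object references."""
    ints = _ints(values)
    if ints is not None and len(ints) >= 2:
        gaps = [b - a for a, b in zip(ints, ints[1:])]
        span = ints[-1] - ints[0] + 1
        if all(g == 1 for g in gaps):
            return Assessment("sequential-int", True,
                              f"contiguous counter; {span} ids between observed min and max")
        if all(0 < g <= MAX_GAP for g in gaps):
            return Assessment("sparse-int", True,
                              f"auto-increment with gaps; walk {ints[0]}..{ints[-1]} and beyond")
        return Assessment("numeric", True, "irregular integers; still cheap to sweep in ranges")
    uuids = _uuids(values)
    if uuids:
        # The version nibble tells you how the id was generated: v1 embeds a
        # timestamp and node id (predictable), v4 is random (not enumerable).
        versions = {u.version for u in uuids}
        if versions == {4}:
            return Assessment("uuid-v4", False,
                              "random ids; hunt for leaks of other users' ids, not brute force")
        if versions == {1}:
            return Assessment("uuid-v1", True,
                              "time-based ids; node and clock fields narrow the search space")
        return Assessment("uuid-other", False, f"uuid versions {sorted(map(str, versions))}")
    return Assessment("opaque", False, "neither integer nor UUID; check for base64 or hashed ids")


def triage(observed: dict) -> dict:
    """Assess every endpoint so the most enumerable references are tested first."""
    return {ep: assess(vals) for ep, vals in observed.items()}


if __name__ == "__main__":
    for ep, a in triage(OBSERVED).items():
        print(f"{ep:30} {a.kind:15} enumerable={a.enumerable}  {a.note}")
```

The assessment drives the next step: sequential and sparse integer spaces are swept directly, v1 UUIDs justify trying neighbouring timestamps with the same node field, and v4 references shift the hunt toward places where other users' ids leak (shared objects, exports, search results) rather than brute force.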

3. Detection Techniques

#### URL Parameter Manipulation

# Step 1: Capture original authenticated request
GET /api/user/profile?id=1001 HTTP/1.1
Cookie: session=attacker_session

# Step 2: Modify ID to target another user
GET /api/user/profile?id=1000 HTTP/1.1
Cookie: session=attacker_session

# Vulnerable if: Returns victim's data with attacker's session

#### Request Body Manipulation

# Original POST request
POST /api/address/update HTTP/1.1
Content-Type: application/json
Cookie: session=attacker_session

{"id": 5, "userId": 1001, "address": "123 Attacker St"}

# Modified request targeting victim
{"id": 5, "userId": 1000, "address": "123 Attacker St"}

#### HTTP Method Switching

# Original GET request may be protected
GET /api/admin/users/1000 → 403 Forbidden

# Try alternative methods
POST /api/admin/users/1000 → 200 OK (Vulnerable!)
PUT /api/admin/users/1000 → 200 OK (Vulnerable!)
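The three detection techniques above (URL parameter manipulation, request body manipulation and HTTP method switching) come down to one comparison: does the attacker's session get the same successful result for the victim's object that the victim's own session gets? The following added example (my code, not the upstream skill's) models a small in-memory application with those three bugs and their hardened counterparts, then runs the differential check and the verb sweep against both. The session cookies, user ids, records and endpoints are constructed for the example; against a real target the handler calls would be replaced by requests sent through the intercepting proxy.

```python
import copy
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# --- Constructed stand-in for the application under test: the two test
# accounts from the recon step, with made-up ids and records. Not a real target.
SESSIONS = {"attacker_session": 1001, "victim_session": 1000}
ADMINS = set()                       # neither test account is an administrator
SEED = {
    "profiles": {1000: {"id": 1000, "email": "victim@example.com"},
                 1001: {"id": 1001, "email": "attacker@example.com"}},
    "addresses": {5: {"id": 5, "userId": 1000, "address": "1 Victim Way"}},
}
VERBS = ("GET", "POST", "PUT", "DELETE")


@dataclass
class Response:
    status: int
    body: Optional[dict] = None


def make_app(enforce: bool):
    """Build the three handlers from the detection section.
    enforce=False reproduces the bugs; enforce=True is the hardened version,
    where ownership is decided server-side on every verb and never taken
    from the request."""
    db = copy.deepcopy(SEED)          # private state per app instance

    def profile(user_id: int, cookie: str) -> Response:
        me = SESSIONS.get(cookie)
        if me is None:
            return Response(401)
        if enforce and user_id != me:           # the check the vulnerable app lacks
            return Response(403)
        rec = db["profiles"].get(user_id)
        return Response(200, dict(rec)) if rec else Response(404)

    def address_update(body: dict, cookie: str) -> Response:
        me = SESSIONS.get(cookie)
        if me is None:
            return Response(401)
        addr = db["addresses"].get(body["id"])
        if addr is None:
            return Response(404)
        if enforce:
            if addr["userId"] != me:            # owner from stored record vs. session
                return Response(403)
        elif body["userId"] != addr["userId"]:  # "ownership" from a client-supplied field
            return Response(403)
        addr["address"] = body["address"]
        return Response(200, dict(addr))

    def admin_user(method: str, user_id: int, cookie: str) -> Response:
        me = SESSIONS.get(cookie)
        if me is None:
            return Response(401)
        guarded = VERBS if enforce else ("GET",)  # vulnerable app only guards GET
        if method in guarded and me not in ADMINS:
            return Response(403)
        return Response(200, dict(db["profiles"].get(user_id, {})))

    return profile, address_update, admin_user


def differential_idor(fetch: Callable[[str], Response]) -> bool:
    """Fetch the victim's object with the victim's own session (baseline), then
    with the attacker's session; it is an IDOR only if the attacker gets the
    same successful body, not merely a non-403 status."""
    baseline = fetch("victim_session")
    attempt = fetch("attacker_session")
    return (baseline.status == 200 and attempt.status == 200
            and attempt.body == baseline.body)


def method_switch(handler, user_id: int, cookie: str) -> Dict[str, int]:
    """Replay one object reference under each verb; a 403 on GET beside a
    200 on another verb is the method-switching finding."""
    return {m: handler(m, user_id, cookie).status for m in VERBS}


def run_checks(enforce: bool) -> dict:
    profile, address_update, admin_user = make_app(enforce)
    tampered = {"id": 5, "userId": 1000, "address": "123 Attacker St"}
    upd = address_update(tampered, "attacker_session")
    return {
        "profile_idor": differential_idor(lambda c: profile(1000, c)),
        "address_idor": upd.status == 200 and upd.body["address"] == tampered["address"],
        "admin_methods": method_switch(admin_user, 1000, "attacker_session"),
    }


if __name__ == "__main__":
    for label, enforce in (("vulnerable", False), ("hardened", True)):
        print(label, run_checks(enforce))
```

Comparing bodies rather than only status codes matters: many applications answer a foreign id with 200 and an empty or self-referential body, which would be a false positive on status alone. The hardened handlers show the remediation the Purpose section refers to: derive the owner from the stored record and the session, ignore any client-supplied userId, and apply the check on every verb, not just GET.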

4. E

<!-- truncated -->
