서우 AgentOffice
← 라이브러리
security

IDOR Vulnerability 테스트

원문: IDOR Vulnerability Testing

This skill should be used when the user asks to "test for insecure direct object references," "find IDOR vulnerabilities," "exploit broken access control," "enumerate user IDs or object references," or "bypass authorization to access other users' data." It provides comprehensive

무엇을 하나요

IDOR Vulnerability Testing Purpose Provide systematic methodologies for identifying and exploiting Insecure Direct Object Reference (IDOR) vulnerabilities in web applications. This skill covers both database object references and static file references, detection techniques using parameter manipulation and enumeration, exploitation via Burp Suite, and remediation strategies for securing applications against unauthorized access. Inputs / Prerequisites Target Web Application : URL of application with user specific resources Multiple User Accounts : At least two test accounts to verify cross user access Burp Suite or Proxy Tool : Intercepting proxy for request manipulation Authorization : Writt

실행 시 본인 API 키(BYOK)로 동작하며, 모델 비용은 사용자 계정에서 직접 결제됩니다.