broken-authorization

Here are 2 public repositories matching this topic...

akto-api-security / tests-library

Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities

security hacktoberfest hackerone owasp-top-10 security-testing broken-authentication broken-authorization hacktoberfest2023 api-security-testing bola api-misconfigutation

Updated Mar 24, 2026

abhinandanpandey-in / BOLA-API-Exploit-Lab

Star

Advanced security research lab on BOLA (CWE-285) and IDOR in RESTful architectures. Features a Flask-based API gateway and a Python-engineered exploit engine demonstrating Account Takeover (ATO) via JSON payload manipulation. Includes enterprise remediation strategies using cryptographically signed session claims and server-side authorization.

appsec python-security owasp-top-10 account-takeover api-security idor broken-authorization bola cybersecurity-portfolio rest-api-exploit

Updated Feb 25, 2026
Python

Improve this page

Add a description, image, and links to the broken-authorization topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the broken-authorization topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly