Summary
This walks you through authentication testing like you're following an OWASP checklist: password policy checks, brute forcing with Hydra and Burp, session token analysis, MFA bypass techniques, and password reset vulnerabilities. It's got practical commands and HTTP examples for each phase, from credential stuffing to session fixation tests. The API version downgrade attack for bypassing OTP rate limits is a nice touch. You'd use this during pentests or security assessments when you need structured methodology rather than scattered攻击 attempts. Assumes you already know Burp Suite and have authorization to test, because it's pretty aggressive stuff. Heavy on reconnaissance and exploitation workflows, light on remediation depth.
Install to Claude Code
npx -y skills add sickn33/antigravity-awesome-skills --skill broken-authentication --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
