authentication

Skill

Authentication security testing - auth bypass, JWT attacks, OAuth flaws, password attacks, 2FA bypass, CAPTCHA bypass, and bot detection evasion.

Files66
  • @skills/authentication/SKILL.md
  • @skills/authentication/reference/BOT_DETECTION.md
  • @skills/authentication/reference/CAPTCHA_BYPASS.md
  • @skills/authentication/reference/INDEX.md
  • @skills/authentication/reference/PASSWORD_CREDENTIAL_MANAGEMENT.md
  • @skills/authentication/reference/adfs-exploitation.md
  • @skills/authentication/reference/authentication-cheat-sheet.md
  • @skills/authentication/reference/authentication-index.md
  • @skills/authentication/reference/authentication-principles.md
  • @skills/authentication/reference/authentication-quickstart.md
  • @skills/authentication/reference/authentication-resources.md
  • @skills/authentication/reference/default-credentials.md
  • @skills/authentication/reference/jwt-advanced.md
  • @skills/authentication/reference/jwt-quickstart.md
  • @skills/authentication/reference/jwt_security_resources.md
  • @skills/authentication/reference/ntlm-http-listener.py
  • @skills/authentication/reference/oauth-index.md
  • @skills/authentication/reference/oauth-quickstart.md
  • @skills/authentication/reference/oauth-resources.md
  • @skills/authentication/reference/scenarios/2fa/backup-codes.md
  • @skills/authentication/reference/scenarios/2fa/brute-force-otp.md
  • @skills/authentication/reference/scenarios/2fa/code-reuse.md
  • @skills/authentication/reference/scenarios/2fa/direct-endpoint-access.md
  • @skills/authentication/reference/scenarios/2fa/email-sms-extraction.md
  • @skills/authentication/reference/scenarios/2fa/otp-leakage.md
  • @skills/authentication/reference/scenarios/2fa/otp-parameter-manipulation.md
  • @skills/authentication/reference/scenarios/2fa/predictable-codes.md
  • @skills/authentication/reference/scenarios/2fa/race-condition.md
  • @skills/authentication/reference/scenarios/2fa/response-manipulation.md
  • @skills/authentication/reference/scenarios/2fa/session-pre-2fa.md
  • @skills/authentication/reference/scenarios/jwt/alg-confusion.md
  • @skills/authentication/reference/scenarios/jwt/claim-tampering.md
  • @skills/authentication/reference/scenarios/jwt/ecdsa-nonce-reuse.md
  • @skills/authentication/reference/scenarios/jwt/jku-injection.md
  • @skills/authentication/reference/scenarios/jwt/jwe-nested-token.md
  • @skills/authentication/reference/scenarios/jwt/jwk-injection.md
  • @skills/authentication/reference/scenarios/jwt/jwks-trust-store-overwrite.md
  • @skills/authentication/reference/scenarios/jwt/kid-path-traversal.md
  • @skills/authentication/reference/scenarios/jwt/none-algorithm.md
  • @skills/authentication/reference/scenarios/jwt/psychic-signatures-cve-2022-21449.md
  • @skills/authentication/reference/scenarios/jwt/signature-stripping.md
  • @skills/authentication/reference/scenarios/jwt/weak-secret-crack.md
  • @skills/authentication/reference/scenarios/jwt/x5u-x5c-injection.md
  • @skills/authentication/reference/scenarios/oauth/code-theft-postmessage.md
  • @skills/authentication/reference/scenarios/oauth/csrf-state.md
  • @skills/authentication/reference/scenarios/oauth/implicit-flow-attacks.md
  • @skills/authentication/reference/scenarios/oauth/parameter-manipulation.md
  • @skills/authentication/reference/scenarios/oauth/pkce-downgrade.md
  • @skills/authentication/reference/scenarios/oauth/redirect-uri-manipulation.md
  • @skills/authentication/reference/scenarios/oauth/scope-escalation.md
  • @skills/authentication/reference/scenarios/oauth/ssrf-client-registration.md
  • @skills/authentication/reference/scenarios/password-attacks/credential-dumping.md
  • @skills/authentication/reference/scenarios/password-attacks/credential-stuffing.md
  • @skills/authentication/reference/scenarios/password-attacks/db-hash-lateral-movement.md
  • @skills/authentication/reference/scenarios/password-attacks/dictionary-attack.md
  • @skills/authentication/reference/scenarios/password-attacks/encrypted-container-cracking.md
  • @skills/authentication/reference/scenarios/password-attacks/hash-cracking.md
  • @skills/authentication/reference/scenarios/password-attacks/keylogging.md
  • @skills/authentication/reference/scenarios/password-attacks/online-brute-force.md
  • @skills/authentication/reference/scenarios/password-attacks/pass-the-hash.md
  • @skills/authentication/reference/scenarios/password-attacks/password-spraying.md
  • @skills/authentication/reference/scenarios/password-attacks/phishing.md
  • @skills/authentication/reference/scenarios/password-attacks/ssh-controlmaster-hijack.md
  • @skills/authentication/tools/__init__.py
  • @skills/authentication/tools/credential_manager.py
  • @skills/authentication/tools/password_generator.py

Authentication

Test authentication mechanisms including login security, token handling, 2FA, CAPTCHA, and bot detection.

Techniques

TypeKey Vectors
Auth BypassDefault credentials, logic flaws, response manipulation
ADFS/SAMLGolden SAML, token signing cert theft, assertion manipulation, SAML wrapping
JWTAlgorithm confusion, key injection, claim tampering, token forging
OAuthRedirect manipulation, CSRF, token leakage, scope abuse
PasswordBrute force, credential stuffing, password policy bypass
2FA BypassResponse manipulation, direct endpoint access, code reuse, race conditions
CAPTCHA BypassMissing server validation, token reuse, OCR, parameter manipulation
Bot DetectionBehavioral biometrics simulation, fingerprint randomization, stealth mode

Tools

PasswordGenerator (tools/password_generator.py):
python
from tools.password_generator import generate_password
password = generate_password(hint_text="8-16 chars, uppercase, numbers")
CredentialManager (tools/credential_manager.py):
python
from tools.credential_manager import CredentialManager
mgr = CredentialManager()
mgr.store_credential(target="example.com", username="test", password="pass")

Workflow

  1. Analyze auth implementation (forms, tokens, 2FA, CAPTCHA)
  2. Test bypass vectors per technique type
  3. Use Playwright MCP with human-like behavior (typing 80-200ms, random pauses)
  4. Capture evidence (screenshots, network logs, tokens)
  5. Document findings with PoC scripts

Reference

  • reference/authentication*.md - Auth bypass techniques, payloads, and resources
  • reference/jwt*.md - JWT attack techniques and cheat sheets
  • reference/oauth*.md - OAuth vulnerability testing
  • reference/scenarios/password-attacks/*.md - Password attack vectors (spray, stuffing, cracking, PtH)
  • reference/adfs-exploitation.md - ADFS, Golden SAML, federation attacks
  • reference/scenarios/2fa/*.md - 2FA bypass methods
  • reference/CAPTCHA_BYPASS.md - 11 CAPTCHA bypass techniques
  • reference/BOT_DETECTION.md - Bot detection evasion strategies
  • reference/PASSWORD_CREDENTIAL_MANAGEMENT.md - Tool usage guide
authentication — Kortix Marketplace | Kortix