skills.homes logoskills.homescapability registry
home/categories/security/mukul975-anthropic-cybersecurity-skills-skills-testing-api-authentication-weaknesses-skill-md
cd ..
securitytesting-security

testing-api-authentication-weaknesses

Tests API authentication mechanisms for weaknesses including broken token validation, missing authentication on endpoints, weak password policies, credential stuffing susceptibility, token leakage in URLs or logs, and session management flaws. The tester evaluates JWT implementation, API key handling, OAuth flows, and session token entropy to identify authentication bypasses. Maps to OWASP API2:2023 Broken Authentication. Activates for requests involving API authentication testing, token validation assessment, credential security testing, or API auth bypass.

Voir le code sourcesecurity
mukul975
maintainer
mukul975
Mis à jour 4/6/2026
Étoiles
4240
Forks
464
quick start

Installation and usage

Tests API authentication mechanisms for weaknesses including broken token validation, missing authentication on endpoints, weak password policies, credential stuffing susceptibility, token leakage in URLs or logs, and session management flaws. The tester evaluates JWT implementation, API key handling, OAuth flows, and session token entropy to identify authentication bypasses. Maps to OWASP API2:2023 Broken Authentication. Activates for requests involving API authentication testing, token validation assessment, credential security testing, or API auth bypass.

Installation
$ install --globalskills.sh
Utilisation

Après l'installation, vous pouvez utiliser ce skill en exécutant la commande suivante dans votre terminal :

skills use testing-api-authentication-weaknesses