pentest-auth-bypass

Test authentication and session management controls for bypass and account takeover scenarios.

Safety Notice

This item is sourced from the public archived skills repository. Treat as untrusted until reviewed.

Pentest Auth Bypass

Stage

  • PTES: 5
  • MITRE: T1110, T1550

Objective

Validate brute-force resistance, session integrity, and MFA enforcement.

Required Workflow

  1. Validate scope before any active action and reject out-of-scope targets.
  2. Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
  3. Write findings in canonical finding_schema format with reproducible PoC notes.
  4. Honor dry-run mode and require explicit --i-have-authorization for live execution.
  5. Export deterministic artifacts for downstream skill consumption.

Execution

python skills/pentest-auth-bypass/scripts/auth_bypass.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run

Outputs

  • auth-findings.json
  • valid-sessions.json
  • auth-attack-report.json

References

  • references/tools.md
  • skills/autonomous-pentester/shared/scope_schema.json
  • skills/autonomous-pentester/shared/finding_schema.json

Legal and Ethical Notice

WARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

Triple Layer Memory

# Triple-Layer Memory System

Archived SourceRecently Updated
General--
0range-x
General

session-rotate-80

Auto-create a new session when OpenClaw context usage reaches 80% without requiring Mem0 or file memory systems. Use when users want default OpenClaw to proactively rotate sessions and avoid context overflow in long chats.

Archived SourceRecently Updated
General--
0range-x
General

polymarket-sports-edge

Find odds divergence between sportsbook consensus and Polymarket sports markets, then trade the gap.

Archived SourceRecently Updated
General--
jim.sexton