There are 2 repositories under idor topic.
Top disclosed reports from HackerOne
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
✅ Experience the power of an automated Insecure Direct Object Reference (IDOR) vulnerability detection tool. Safeguard your applications with cutting-edge technology that identifies potential security weaknesses in an efficient and streamlined manner.
Writeups for portswigger labs.
Capture the Flag (CTF) is a cybersecurity competition that is used as a test of security skills.
An easy ctf - Authentication Bypassing using IDOR vulnerability
A sensible no bullshit repo of summaries of reports on hackerone, bugcrowd and alike, that makes straight up sense and make it easy to repeat and automate. This is supposed to serve as my personal reference, but should be a good public index reference for like minded.
solutions of hack-yourself-first
Exploit tool for IDORs in Bestiefy
Pentesting Live Targets
This repository is designed for IDOR vulnerabilities in a web application.
HTTPeeper is a quick way to perform HTTP requests using GET, POST, PUT, DELETE, PATCH, and OPTIONS to a specified URL. HTTPeeper is tool to investigate web interactions across different HTTP methods.
Hospital's Patient Records Management System v1.0 - 'id' Insecure direct object references (IDOR) leads to Account TakeOver