Hunt account takeover vulnerabilities
hunt-atoskillsetup L1★1,791
elementalsouls/Claude-BugHunter ↗What it does
Enumerate 9 distinct account-takeover attack paths with chaining scenarios
Best for
Authentication testing when multiple ATO paths (password-reset, email-change, JWT, MFA-bypass) require systematic coverage.
Inputs
- · authentication flow (password reset, email change, OAuth, MFA, session, JWT)
Outputs
- · ATO technique taxonomy (9 paths)
- · chaining matrix (which bugs combine)
- · PoC pattern per path
Requires
- · Burp
- · curl
- · jwt-forge
Preconditions
Auth surface accessible; no rate limiting on reset/MFA endpoints
Failure modes
Missing secondary conditions for chaining (e.g., MFA-bypass alone isn't ATO without password reset flaws)
Trust signals
- · 9-path enumeration (password-reset, email-change, OAuth, MFA, session-fixation, JWT alg-confusion, password-change, step-up-auth bypass, rate-limit bypass)
- · Cross-path chaining examples