cyberneticlibrary

Hunt miscellaneous application vulnerabilities

hunt-miscskillsetup L31,791
elementalsouls/Claude-BugHunter
What it does

Hunt privilege escalation, IDOR, and session/auth logic bugs via a 10-point methodology

Best for

Discovering account boundary violations in multi-tenant SaaS with role-based access.

Inputs
  • Target roles/endpoints
  • Invitation tokens
  • Role parameters
Outputs
  • Privilege escalation payload
  • Bypass proof
Requires
  • curl
  • Burp
  • custom marker scripts
Preconditions
  • Role hierarchy mapped
  • Test user per role created
Failure modes
  • Marker collision with baseline
  • Status-code-only claim without body diff
Trust signals
  • Marker discipline enforced
  • Body-diff rule for all claims