What is pentest-auth-bypass?

A skill that tests authentication and session management controls for bypass and account takeover scenarios within an authorized engagement.

What outputs does it generate?

Structured findings and evidence, including auth-findings.json, valid-sessions.json, and auth-attack-report.json, plus reproducible PoC notes.

How do I run it safely?

Ensure written authorization and defined scope; start with dry-run to validate tests, and require explicit --i-have-authorization for live execution.

pentest-auth-bypass

npx machina-cli add skill 0x-Professor/Agent-Skills-Hub/pentest-auth-bypass --openclaw

Files (1)

SKILL.md

1.3 KB

Pentest Auth Bypass

Stage

PTES: 5
MITRE: T1110, T1550

Objective

Validate brute-force resistance, session integrity, and MFA enforcement.

Required Workflow

Validate scope before any active action and reject out-of-scope targets.
Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
Write findings in canonical finding_schema format with reproducible PoC notes.
Honor dry-run mode and require explicit --i-have-authorization for live execution.
Export deterministic artifacts for downstream skill consumption.

Execution

python skills/pentest-auth-bypass/scripts/auth_bypass.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run

Outputs

auth-findings.json
valid-sessions.json
auth-attack-report.json

References

references/tools.md
skills/autonomous-pentester/shared/scope_schema.json
skills/autonomous-pentester/shared/finding_schema.json

Legal and Ethical Notice

WARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

Source

git clone https://github.com/0x-Professor/Agent-Skills-Hub/blob/main/skills/pentest-auth-bypass/SKILL.mdView on GitHub

Overview

Pentest Auth Bypass automates authorized checks to validate brute-force resistance, session integrity, and MFA enforcement. It aligns with PTES, MITRE ATT&CK, OWASP WSTG, and NIST guidelines to identify weaknesses and requires explicit authorization for live actions, producing reproducible PoCs and deterministic artifacts.

How This Skill Works

A Python-based assessment enforces defined scope and authorization, executes standardized authentication-bypass checks, and captures findings in a canonical format. It exports structured outputs (auth-findings.json, valid-sessions.json, auth-attack-report.json) along with reproducible PoC notes to support remediation.

When to Use It

During an authorized web/mobile app login security assessment to test brute-force protections.
In red-team exercises to validate MFA enforcement and session handling.
Before going live to verify brute-force resistance and session integrity.
When assessing session hijacking risks and token invalidation on logout.
For compliance testing aligned with PTES, OWASP WSTG, and MITRE ATT&CK frameworks.

Quick Start

Step 1: Review the scope.json and obtain written authorization.
Step 2: Run the auth bypass script in dry-run mode to simulate checks.
Step 3: Inspect the generated outputs (auth-findings.json, valid-sessions.json, auth-attack-report.json) and prepare remediation steps.

Best Practices

Obtain explicit written authorization and clearly defined scope; respect out-of-scope targets.
Run in dry-run mode first to validate tests without affecting live systems.
Use the canonical finding_schema format for reproducible PoCs and evidence.
Keep deterministic artifacts for downstream integration and reporting.
Document all steps and ensure alignment with PTES, OWASP, NIST, and MITRE controls.

Example Use Cases

Auditing a web app login flow to verify password brute-force protections.
Testing session cookie integrity and expiry handling on a SaaS admin console.
Verifying MFA enforcement across enrollment and login paths.
Assessing token and session invalidation on logout or password reset.
Evaluating account takeover risk in API-based authentication scenarios.

Frequently Asked Questions

Add this skill to your agents