Skip to content
/ oauth-exploit-lab Public

Lab to understand OAuth v2 vulnerabilities and attack techniques.

License

MIT license
7 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

melonattacker/oauth-exploit-lab

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

71 Commits
base
base
 
 
exercise
exercise
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

oauth-exploit-lab

Lab to understand OAuth v2 vulnerabilities and attack techniques.

Base environment

Base implementation of OAuth v2 and this is the base environment of excercise. You can access from here.

Exercise

This is exercises where you can learn various vulnerabilities that occur in OAuth implementations and how to exploit them.

exercise vulnerability
ex1 CSRF
ex2 Open redirect
ex3 Host header injection
ex4 Scope upgrade
ex5 XSS + Directory traversal
ex6 HTML injection + Directory traversal
ex7 Scope upgrade: abusing re-release tokens
ex8 Race condition in authorization code
ex9 XSS + Weak user validation

Imprementing other excercises...

About

Lab to understand OAuth v2 vulnerabilities and attack techniques.

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages