A somewhat curated list of links to various topics in application security.

Insecure Direct Object Reference (IDOR)

LinkExcerptWord Count
IDOR - how to predict an identifier? Bug bounty case study📚 Access full case study here: 📖 Check out AppSecEngineer, the sponsor of today's video: 📧 Subscribe to BBRE Premium: ✉️ Sign up for the mailing0
devanshbatham/Vulnerabilities-UnmaskedThis repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand! Imagine you have a toy box where you and your friends can put your favorite toys in and take them out whenever you want. Each of you can only take out your own toys.3169
👩‍💻Roadmap to Cybersecurity in 2022, Full-Read SSRF, IDOR in GraphQL, GCP Pentesting, and much…Watch this talk about $25 billion+ of value, locked in the practical attacks against bridges. Welcome to the #IWWeekly28 — the Monday newsletter that brings the best in Infosec straight to your inbox.737
Blog DetailsExploiting IDORs - A compilation of some neat, new and crazy examples! Hello readers, in this blog, our Senior Consultant Vanshal Gaur, is going to explain access control and vulnerabilities arising from insecure access control such as Insecure Direct Object References (IDOR) with some interesting2841
Finding more IDORs – Tips and TricksBefore working in the Security Testing team at Aon, I set myself the goal of receiving a bug bounty from a public vulnerability disclosure program. As is often recommended, I decided to look for one bug class in as many places as possible.2004
All About IDOR AttacksHave you ever wondered how data breaches happen? Nowadays, it seems like a new company is breached every five minutes.1140
HTTP Request Smuggling + IDORHTTP Request Smuggling or HTTP Desync is one of the trendy vulnerabilities of the moment and one of my favorites, because it allows you to greatly increase the severity of most common bugs.689
Jobert Abma on TwitterHacker tip: when you’re looking for IDORs in a model that references another model, try storing IDs that don’t exists yet. I’ve seen a number of times now that, because the model can’t be found, the system will save the ID. (1/2) #TogetherWeHitHarder42
A Less Known Attack Vector, Second Order IDOR AttacksMost of you probably familiar within the vulnerability types “IDOR (Insecure Object Direct Reference)” and second order vulnerabilities such as “Second Order SQL Injection.989
Accidental IDOR that Deleted Admin Account.Hey Everyone, Last week I got invited to a private program through one of my friend Ananda Dhakal. So I was testing out that program and at starting I found a normal rate limiting worth $25 😅😅 , Yeah It’s too low, I was also not happy with it.325
A Less Known Attack Vector, Second Order IDOR AttacksInsecure Direct Object References occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources in the system directly, for example database records or files.841
Chains on Chains!! Chaining several IDOR’s into Account Takeover(PART ONE)Daniel MarteNov 15, 2019·4 min readHello Everybody,Welcome to my FIRST writeup! Just to give you some background, My name is Daniel, I started hacking about 4 months ago and can’t stop! I’ve really been enjoying learning and exploiting some bugs! :D This writeup will be about how I achieved my947
How I could delete Facebook Ask for Recommendations post’s place objects in commentsThis blog post is about an Insecure direct object reference vulnerability in Facebook Ask for Recommendations post. using attacker could have remove place object card in comments.209
Stories Of IDOR-Part 2So Today i am going to share another IDOR story, well all stories in this blog is for single website, let name it Its an Education platform, mostly for the Political/Media/Historians students, where it gave a grouped platform for discussions.665
Inf0rM@tion Disclosure via IDORThree Duplicates & a Final BLOW! The “userId” parameter was vulnerable to IDOR! If we change the userId than it was showing out Email addresses and Names of all the registered Users in the Activity Log of the web application.1323
GraphQL IDOR leads to information disclosureHello World!, I’m Eshan Singh aka R0X4R. I’m here to share my recent findings on GraphQL IDOR (Insecure Direct Object Reference), which leads to information disclosure. So, let’s start. I’m signing in… What is GraphQL?495
cat ~/ my previous post, I shared my love for testing Insecure Direct Object Reference (IDOR) vulnerability. This time I’ll be sharing the situation where I found an IDOR in Websockets. You may want to read this write-up before you continue. But in short, I shared how I approach testing Websockets.333
cat ~/ this post, I’ll be talking about an interesting bug chain I discovered a few months ago; Stored XSS + IDOR (Cross Site Scripting and Insecure Direct Object Reference respectively). The target is an application that helps manage finances.293
cat ~/! Yea, HTTP is the most common channel you could find an Insecure Direct Object Reference (IDOR) Vulnerability (IMO). I should call this an IDOR series, hahah! In my last post, I mentioned there was a vulnerable HTTP PUT request on the target.396
Stories Of IDORInsecure Direct Object References occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources in the system directly. Now he able to view U2 file from his account.794