password-reset-flaws
Official
Secure password reset and change flows.
Software Engineering
#authentication, #web security, #vulnerability testing, #csrf, #password reset, #account takeover
Author: securityfortech
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill addresses critical security vulnerabilities in how web applications handle password resets and changes, preventing unauthorized account access and data breaches.
Core Features & Use Cases
- Vulnerability Detection: Identifies weaknesses like CSRF in reset forms, cross-user modification, predictable tokens, and insecure password storage.
- Methodical Testing: Provides a step-by-step methodology to test for these flaws using common security tools.
- Use Case: A security analyst can use this Skill to systematically audit a web application's password reset functionality, ensuring it adheres to secure coding practices and preventing common account takeover attacks.
Quick Start
Test the password reset functionality for CSRF vulnerabilities on the target website.
Dependency Matrix
Required Modules
None required
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: password-reset-flaws
Download link: https://github.com/securityfortech/hacking-skills/archive/main.zip#password-reset-flaws
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.