A type-based ID obfuscation library to prevent insecure direct object references (IDOR)
Lightweight API security probe: rate limiting, JWT attacks, BOLA, IDOR, security headers. No ZAP required.
ESLint plugin for Node.js API security — detects BOLA/IDOR, mass-assignment, SSRF, SQL injection, command injection, path traversal, open redirect, and hardcoded secrets across Express, Fastify, and NestJS.
Security MCP for vibe coding. 424 rules, 36 tools, CLI + doctor. Host security, auth coverage mapping, LLM-powered deep scan (IDOR/business logic), taint analysis. 61 CVE rules refreshed daily from GHSA/OSV/CISA KEV — Next.js May 2026 13-advisory cluster,
Guardrails for AI-assisted development - Detects IDOR, missing input validation, hardcoded secrets, and other critical bugs in AI-generated code
Security scanning for the vibe coding era. MCP server + CLI that finds secrets, auth bugs, SQL injection, XSS, IDOR, and vulnerable deps — and opens fix PRs. Works in Cursor, Claude Code, and VS Code. Bring your own model (Anthropic, OpenAI, Gemini, Groq,
Apollo Server schema directive to create opaque ID values
Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.
Security evals for the AI era. Probes · Targets · Graders · Proof. Confirmed XSS / SQLi / BOLA / prompt-injection / MCP-RCE with reproducible proof attached to every finding.
Mantis — offensive-security daemon for AUTHORIZED security testing only (use against systems you own or have explicit written authorization to test). 7-phase FSM (RECON → AUTH → HUNT → CHAIN → VERIFY → GRADE → REPORT), parallel hunter sub-agents, cryptogr
AI-powered security scanner CLI for codebases
Security audit plugin for Claude Code — scans skills, hooks, and MCP configs for prompt injection, data exfiltration, supply chain attacks, and 37 threat patterns. v3.1.1 bundles Agent Threat Rules (ATR) v2.1.2 as a reference resource.
QA Architect - Security audit and quality automation for AI-generated codebases. Scans for OWASP Top-10 vulnerabilities, CVEs, and common vibe-coding mistakes.
A complete server built on Cloudflare Workers/Pages
Security scanner for AI-generated code. Finds vulnerabilities, gives risk scores, and generates fix prompts for Cursor, Claude, and Codex.
Snitch CLI. Unified surface for Snitch security audits AND Snitch: Marketing audits. Runs on your device with your own AI provider key; Snitch's servers never receive your code or your audit findings. PKCE login, scope-gated subcommands.
Review Council — multi-model AI code review CLI
AI-powered security scanner CLI — scans codebases for OWASP Top 10 vulnerabilities using LLMs
CLI and library to measure how thoroughly your test suite exercises your API surface area
Advanced security analysis CLI for Node.js APIs — OWASP rules, secrets detection, risk scoring, diff mode, and historical tracking
TitanShieldAI CLI — AI-powered security scanner for your codebase. Zero config. Under 2 minutes.
API Security Testing Plugin for OpenCode - Automated vulnerability scanning and penetration testing
Zeno
Web scanner built for actual pentests. Fast, modular, Rust.
Async API security scanner with passive and active checks for CORS, CSP, GraphQL, JWT, OpenAPI, and API posture.
Security MCP server that turns your AI into a penetration tester
TIBET Cortex Airlock: zero-plaintext-lifetime processing with mlock and zeroize
TIBET Cortex Audit: blackbox-met-window audit trails with tibet-vault integration
TIBET Cortex CLI: zero-trust AI knowledge processing from the command line
TIBET Cortex core types: TBZ envelopes, TIBET tokens, and crypto primitives
TIBET Cortex JIS: multi-dimensional identity claims — role, time, geo, clearance
TIBET Cortex Store: JIS-gated vector storage with TBZ envelopes
All types for Minecraft.
AI Code Security Scanner — detect vulnerabilities in AI-generated code
AI-powered security review CLI tool for web applications. Part of the Oalacea Security Suite. 100% Rust, zero dependencies.