更新: 359 个文件 - 2026-03-16 23:30:01

2026-03-16 23:30:01 -07:00
--- a/08-threat-intel/repro-profiles/family-generic/authz-bypass-generic.yaml
+++ b/08-threat-intel/repro-profiles/family-generic/authz-bypass-generic.yaml
@@ -0,0 +1,31 @@
+profile_id: authz-bypass-generic
+match_rules:
+  keywords:
+    - authorization bypass
+    - auth bypass
+    - access control
+vuln_family: authz-bypass
+provisioning_mode: real
+artifact_source:
+  strategy: official-image-or-source
+required_services:
+  - app
+seed_actions:
+  - kind: note
+    message: Create low-privilege and admin test users for server-side recheck validation.
+baseline_actions:
+  - kind: http-get
+    path: /
+attack_actions:
+  - kind: note
+    message: Use minimal authorization bypass probes defined by case-specific runner or manual session tooling.
+browser_assertions:
+  required: false
+success_criteria:
+  - Protected route or action is evaluated with controlled credentials and logged.
+cleanup_policy: destroy
+destructive_risk: medium
+allowed_target_types:
+  - lab-local
+  - lab-public
+  - authorized-third-party