Loading...
Loading...
Found 13 Skills
Test for user enumeration vulnerabilities through various authentication endpoints.
List all tables exposed via the Supabase PostgREST API to identify the attack surface.
Test if user signup is open and identify potential abuse vectors in the registration process.
List all storage buckets and their configuration to identify the storage attack surface.
Identify storage buckets that are publicly accessible and may contain sensitive data.
List and test exposed PostgreSQL RPC functions for security issues and potential RLS bypass.
Analyze Supabase authentication configuration for security weaknesses and misconfigurations.
Discover and test Supabase Edge Functions for security vulnerabilities and misconfigurations.
Attempt to read data from exposed tables to verify actual data exposure and RLS effectiveness.
Test Row Level Security (RLS) policies for common bypass vulnerabilities and misconfigurations.
Attempt to list and read files from storage buckets to verify access controls.
Create a test user (with explicit permission) to audit what authenticated users can access vs anonymous users. Detects IDOR, cross-user access, and privilege escalation.