auth_bypass_check
Automatically detect authentication bypass vulnerabilities in API endpoints by testing various authentication mechanisms, headers, and session configurations on CyberMCP.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| auth_header | No | Authentication header name (if different from standard) | |
| auth_token | No | Authentication token (if not using the currently authenticated session) | |
| endpoint | Yes | API endpoint to test | |
| http_method | No | HTTP method to use | GET |
| use_session_auth | No | Whether to use the current session authentication if available |
Input Schema (JSON Schema)
{
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"auth_header": {
"description": "Authentication header name (if different from standard)",
"type": "string"
},
"auth_token": {
"description": "Authentication token (if not using the currently authenticated session)",
"type": "string"
},
"endpoint": {
"description": "API endpoint to test",
"format": "uri",
"type": "string"
},
"http_method": {
"default": "GET",
"description": "HTTP method to use",
"enum": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"type": "string"
},
"use_session_auth": {
"default": true,
"description": "Whether to use the current session authentication if available",
"type": "boolean"
}
},
"required": [
"endpoint"
],
"type": "object"
}