Found 13 Skills
Test for user enumeration vulnerabilities through various authentication endpoints.
Test if user signup is open and identify potential abuse vectors in the registration process.
List all tables exposed via the Supabase PostgREST API to identify the attack surface.
List all storage buckets and their configuration to identify the storage attack surface.
List and test exposed PostgreSQL RPC functions for security issues and potential RLS bypass.
Test Row Level Security (RLS) policies for common bypass vulnerabilities and misconfigurations.
Analyze Supabase authentication configuration for security weaknesses and misconfigurations.
Attempt to read data from exposed tables to verify actual data exposure and RLS effectiveness.
Identify storage buckets that are publicly accessible and may contain sensitive data.
Attempt to list and read files from storage buckets to verify access controls.
Discover and test Supabase Edge Functions for security vulnerabilities and misconfigurations.
Create a test user (with explicit permission) to audit what authenticated users can access vs anonymous users. Detects IDOR, cross-user access, and privilege escalation.