W-IDORPrivilege Escalation

Insecure Direct Object Reference (IDOR)

Endpoint trusts the object ID from the request — increment or replace it to access another user's resource.

§ Where this technique fits

W-IDOR is catalogued under the Privilege Escalation tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 5 on average.

§ Dossiers chaining this technique

Deeplink abuse → in-app account takeover
Exported activity registers a custom URL scheme that triggers an OAuth-style 'confirm reset' action without validating the source — phishing URL clicks reset another user's password.
step 5 / 6

§ What commonly comes next

01
Valid Accounts
T1078 · Initial Access
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

Deeplink abuse → in-app account takeover

§ What commonly comes next