AI command line tool to detect broken access control vulnerabilities in source code

These details have been verified by PyPI

Project links

Homepage

GitHub Statistics

Maintainers

spmvg

These details have not been verified by PyPI

Development Status
- 4 - Beta
License
- OSI Approved :: GNU Affero General Public License v3
Programming Language
- Python :: 3

Project description

Broken Access Control Scanner

Broken Access Control Scanner is an AI command line tool to detect broken access control vulnerabilities in source code using Anthropic's Claude AI.

Installation

Releases are made available on PyPi. The recommended installation method is via pip:

pip install broken-access-control-scanner

Usage

python -m broken_access_control_scanner <source_file> --data-model "<data_model_description>"

Requires ANTHROPIC_API_KEY environment variable to be set.

Arguments

source_file: Path to a source code file containing endpoints
--data-model, -d: Description of the data model and context for the endpoints (required)
--model, -m: Anthropic model to use (default: claude-sonnet-4-20250514)

Example

python -m broken_access_control_scanner api.py \
    --data-model "REST API with User and Document models. Users should only access their own profiles."

Output Example

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Endpoint                  ┃  Severity  ┃ Description                      ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ /api/users/{id}/profile   │    NONE    │ Proper authorization check       │
│ /api/documents/{id}       │  CRITICAL  │ No authentication or auth check  │
└───────────────────────────┴────────────┴──────────────────────────────────┘

Severity Levels

NONE: No access control issues found
LOW: Minor issues, unlikely to be exploitable
MEDIUM: Access control weakness that could be exploited under certain conditions
HIGH: Clear access control vulnerability that can likely be exploited
CRITICAL: Severe access control vulnerability with high impact, easily exploitable

Project details

These details have been verified by PyPI

Project links

Homepage

GitHub Statistics

Maintainers

spmvg

These details have not been verified by PyPI

Development Status
- 4 - Beta
License
- OSI Approved :: GNU Affero General Public License v3
Programming Language
- Python :: 3

Release history Release notifications | RSS feed

This version

0.1.0

Feb 9, 2026

0.0.0

Feb 7, 2026

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

broken_access_control_scanner-0.1.0.tar.gz (17.1 kB view details)

Uploaded Feb 9, 2026 Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

The dropdown lists show the available interpreters, ABIs, and platforms. Enable javascript to be able to filter the list of wheel files.

broken_access_control_scanner-0.1.0-py3-none-any.whl (18.5 kB view details)

Uploaded Feb 9, 2026 Python 3

File details

Details for the file broken_access_control_scanner-0.1.0.tar.gz.

File metadata

Download URL: broken_access_control_scanner-0.1.0.tar.gz
Upload date: Feb 9, 2026
Size: 17.1 kB
Tags: Source
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for broken_access_control_scanner-0.1.0.tar.gz
Algorithm	Hash digest
SHA256	`b184c41dbcdb098c43987211a9872ee4509956386ef9254b5827aad7a18cfa5c`
MD5	`da31820f3a257abc238ab6fd8b387c33`
BLAKE2b-256	`f0395286f90f7f16215d4d0c617f0a1de7ee5b69d7180189f711c2e4c55defbd`

See more details on using hashes here.

Provenance

The following attestation bundles were made for broken_access_control_scanner-0.1.0.tar.gz:

Publisher: upload-pypi.yml on spmvg/broken_access_control_scanner

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: broken_access_control_scanner-0.1.0.tar.gz
- Subject digest: b184c41dbcdb098c43987211a9872ee4509956386ef9254b5827aad7a18cfa5c
- Sigstore transparency entry: 931362075
- Sigstore integration time: Feb 9, 2026
Source repository:
- Permalink: spmvg/broken_access_control_scanner@4456434f47d5faf02d591e402e2cef2882f56fa1
- Branch / Tag: refs/heads/main
- Owner: https://github.com/spmvg
- Access: public
Publication detail:
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: upload-pypi.yml@4456434f47d5faf02d591e402e2cef2882f56fa1
- Trigger Event: workflow_dispatch

File details

Details for the file broken_access_control_scanner-0.1.0-py3-none-any.whl.

File metadata

Download URL: broken_access_control_scanner-0.1.0-py3-none-any.whl
Upload date: Feb 9, 2026
Size: 18.5 kB
Tags: Python 3
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for broken_access_control_scanner-0.1.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`1b928fe711f61cddab364a68b1f2412543b66ba17a676b4fe61e8171beb03dfa`
MD5	`34cb0c099603653366fe4445c4e339e1`
BLAKE2b-256	`6911686535a4819d95476ddfc0d259306d577392c4043332bfed54f8947b425c`

See more details on using hashes here.

Provenance

The following attestation bundles were made for broken_access_control_scanner-0.1.0-py3-none-any.whl:

Publisher: upload-pypi.yml on spmvg/broken_access_control_scanner

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: broken_access_control_scanner-0.1.0-py3-none-any.whl
- Subject digest: 1b928fe711f61cddab364a68b1f2412543b66ba17a676b4fe61e8171beb03dfa
- Sigstore transparency entry: 931362126
- Sigstore integration time: Feb 9, 2026
Source repository:
- Permalink: spmvg/broken_access_control_scanner@4456434f47d5faf02d591e402e2cef2882f56fa1
- Branch / Tag: refs/heads/main
- Owner: https://github.com/spmvg
- Access: public
Publication detail:
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: upload-pypi.yml@4456434f47d5faf02d591e402e2cef2882f56fa1
- Trigger Event: workflow_dispatch

broken-access-control-scanner 0.1.0

Navigation

Verified details

Project links

GitHub Statistics

Maintainers

Unverified details

Meta

Classifiers

Project description

Broken Access Control Scanner

Installation

Usage

Arguments

Example

Output Example

Severity Levels

Project details

Verified details

Project links

GitHub Statistics

Maintainers

Unverified details

Meta

Classifiers

Release history Release notifications | RSS feed

Download files

Source Distribution

Built Distribution

File details

File metadata

File hashes

Provenance

File details

File metadata

File hashes

Provenance