> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# OAuth Authentication Vulnerabilities

> Cross-platform resources for OAuth Authentication Vulnerabilities: curated HTB machines, PortSwigger labs and TryHackMe rooms with validated writeups and related skills.

# OAuth Authentication Vulnerabilities

This page aggregates **cross-platform resources to practice OAuth Authentication Vulnerabilities**: retired Hack The Box machines, PortSwigger Web Security Academy labs and TryHackMe rooms, plus curated resources (HackTricks, PortSwigger, etc.) and related skills.

## Curated resources

| Source      | Link                                                                                     |
| ----------- | ---------------------------------------------------------------------------------------- |
| PortSwigger | [https://portswigger.net/web-security/oauth](https://portswigger.net/web-security/oauth) |

## HTB machines practicing OAuth Authentication Vulnerabilities (1)

| Machine                                       | OS    | Difficulty                                       |
| --------------------------------------------- | ----- | ------------------------------------------------ |
| [Oouch](/en/htb/machines/linux/dificil/oouch) | Linux | <span className="dbadge dbadge-hard">HARD</span> |

## PortSwigger labs practicing OAuth Authentication Vulnerabilities (6)

| Lab                                                                                                                                     | Difficulty                                                 | Topic                | Official                                                                                                        |
| --------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | -------------------- | --------------------------------------------------------------------------------------------------------------- |
| [Authentication bypass via OAuth implicit flow](/en/portswigger/labs/oauth/oauth-authentication-bypass-via-oauth-implicit-flow)         | <span className="dbadge dbadge-easy">APPRENTICE</span>     | OAuth Authentication | [Open](https://portswigger.net/web-security/oauth/lab-oauth-authentication-bypass-via-oauth-implicit-flow)      |
| [Stealing OAuth access tokens via a proxy page](/en/portswigger/labs/oauth/oauth-stealing-oauth-access-tokens-via-a-proxy-page)         | <span className="dbadge dbadge-easy">APPRENTICE</span>     | OAuth Authentication | [Open](https://portswigger.net/web-security/oauth/lab-oauth-stealing-oauth-access-tokens-via-a-proxy-page)      |
| [Forced OAuth profile linking](/en/portswigger/labs/oauth/oauth-forced-oauth-profile-linking)                                           | <span className="dbadge dbadge-medium">PRACTITIONER</span> | OAuth Authentication | [Open](https://portswigger.net/web-security/oauth/lab-oauth-forced-oauth-profile-linking)                       |
| [OAuth account hijacking via redirect\_uri](/en/portswigger/labs/oauth/oauth-account-hijacking-via-redirect-uri)                        | <span className="dbadge dbadge-medium">PRACTITIONER</span> | OAuth Authentication | [Open](https://portswigger.net/web-security/oauth/lab-oauth-account-hijacking-via-redirect-uri)                 |
| [SSRF via OpenID dynamic client registration](/en/portswigger/labs/oauth/openid-oauth-ssrf-via-openid-dynamic-client-registration)      | <span className="dbadge dbadge-medium">PRACTITIONER</span> | OAuth Authentication | [Open](https://portswigger.net/web-security/oauth/openid/lab-oauth-ssrf-via-openid-dynamic-client-registration) |
| [Stealing OAuth access tokens via an open redirect](/en/portswigger/labs/oauth/oauth-stealing-oauth-access-tokens-via-an-open-redirect) | <span className="dbadge dbadge-medium">PRACTITIONER</span> | OAuth Authentication | [Open](https://portswigger.net/web-security/oauth/lab-oauth-stealing-oauth-access-tokens-via-an-open-redirect)  |

## TryHackMe rooms practicing OAuth Authentication Vulnerabilities (1)

| Room                                                              | Difficulty                                         | Type        | Access | Official                                                |
| ----------------------------------------------------------------- | -------------------------------------------------- | ----------- | ------ | ------------------------------------------------------- |
| [OAuth Vulnerabilities](/en/tryhackme/rooms/oauthvulnerabilities) | <span className="dbadge dbadge-easy">MEDIUM</span> | Walkthrough | 🔵 VIP | [Open](https://tryhackme.com/room/oauthvulnerabilities) |

***

← [Back to the full glossary](/en/glossary)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"OAuth Authentication Vulnerabilities","termCode":"oauth","inLanguage":"en","url":"https://rootea.es/en/skills/oauth","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Tactical pentesting glossary","url":"https://rootea.es/en/glossary"}}`}
</script>

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"ItemList","name":"HTB machines practicing OAuth Authentication Vulnerabilities","numberOfItems":1,"itemListElement":[{"@type":"ListItem","position":1,"url":"https://rootea.es/en/htb/machines/linux/dificil/oouch","name":"Oouch"}]}`}
</script>

*Last updated: 2026-06-07*
