Testing Question

Hey guys, injecting a hard-coded attacker auth token in the User config is similar to pasting headers in Autorize (Burp extension), right?

Hello @JasonFife2, indeed, the concept of injecting a hard-coded attacker auth token in the User config is analogous to modifying headers in the Autorize Burp extension. Specifically, the feature you’re referring to takes an existing authentication token within a request and substitutes it with a specified attacker’s token.

Take a look at this test case for a practical demonstration: BOLA by changing auth token - Akto. It identifies the auth token within the headers and overwrites it. This substitution is executed using the replace_auth_header: true directive within the YAML configuration for the test. This allows you to simulate an attack scenario where an unauthorized token gains access, thereby testing the security of your authorization process.
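To make the substitute-and-compare idea concrete, here is an added illustration that is not Akto's code and not from either post: a constructed in-memory API (the tokens, users, orders and handler names are assumptions) where a captured request is replayed with the attacker's token and the two responses are compared, flagging a BOLA when the attacker gets a 2xx with a near-identical body.

```python
# Constructed illustration of the "replace auth header" BOLA check described
# above (not Akto's code): replay a captured request with the attacker's token
# and compare the two responses, flagging a 2xx with a near-identical body.
import difflib
import json

# Constructed tokens and objects; nothing here comes from a real system.
TOKENS = {"tok-victim": "alice", "tok-attacker": "mallory"}
ORDERS = {"order-1001": {"id": "order-1001", "owner": "alice", "total": 42.5}}

def caller(headers):
    """Map the bearer token in the request to a user name, or None."""
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), "")
    return TOKENS.get(auth.replace("Bearer ", "", 1))

def handler_vulnerable(headers, path):
    """Authenticates the caller but never checks object ownership (BOLA)."""
    if caller(headers) is None:
        return 401, {"error": "unauthenticated"}
    order = ORDERS.get(path.rsplit("/", 1)[-1])
    return (200, order) if order else (404, {"error": "not found"})

def handler_fixed(headers, path):
    """Same endpoint with the missing object-level authorization check."""
    user = caller(headers)
    if user is None:
        return 401, {"error": "unauthenticated"}
    order = ORDERS.get(path.rsplit("/", 1)[-1])
    if order is None or order["owner"] != user:
        return 404, {"error": "not found"}  # do not reveal existence to non-owners
    return 200, order

def replace_auth_header(headers, attacker_token):
    """Copy of the headers with the auth token swapped, whatever its case."""
    return {k: (f"Bearer {attacker_token}" if k.lower() == "authorization" else v)
            for k, v in headers.items()}

def similarity(a, b):
    """Percentage match between two JSON bodies (like a percentage_match rule)."""
    sa, sb = json.dumps(a, sort_keys=True), json.dumps(b, sort_keys=True)
    return 100.0 * difflib.SequenceMatcher(None, sa, sb).ratio()

def bola_check(handler, headers, path, attacker_token, min_match=90.0):
    """True when the attacker's replay succeeds with almost the victim's body."""
    base_code, base_body = handler(headers, path)
    test_code, test_body = handler(replace_auth_header(headers, attacker_token), path)
    return (200 <= base_code < 300 and 200 <= test_code < 300
            and similarity(base_body, test_body) > min_match)
```

Calling bola_check with handler_vulnerable returns True for the constructed order, while handler_fixed returns False because the ownership check turns the replay into a 404.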