mitm-find-auth

Find Authentication Vulnerabilities

Analyze the mitmproxy dump (log.txt) for authentication issues related to: $ARGUMENTS

Requires: log.txt in the current directory. If it's missing, capture traffic first:

mitmdump --set flow_detail=3 2>&1 | tee log.txt

High-Value Auth Patterns (from 783 real HackerOne bounty reports)

1. Password Reset Token Issues

Real examples from bounties:

  • Reset link not expiring after email change
  • Reset token reusable multiple times
  • Reset token valid after password change
  • Predictable/sequential reset tokens
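
Server-side handling that closes the four reset-token issues listed above, as an added example (not part of the original skill or of any reported program's code). The class name, the 15-minute lifetime and the in-memory store are assumptions made for illustration.

```python
import hashlib
import secrets
import time

TOKEN_TTL = 15 * 60  # assumed token lifetime in seconds


class ResetTokens:
    """Hypothetical in-memory store; a real service would keep this in its database."""

    def __init__(self):
        # sha256(token) -> (user_id, email at issue time, expiry timestamp)
        self._by_hash = {}

    @staticmethod
    def _digest(token):
        # Only the hash is stored, so a leaked table does not yield usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id, email, now=None):
        now = time.time() if now is None else now
        self.revoke_user(user_id)           # at most one live token per account
        token = secrets.token_urlsafe(32)   # 256 bits from the CSPRNG, never sequential
        self._by_hash[self._digest(token)] = (user_id, email, now + TOKEN_TTL)
        return token

    def revoke_user(self, user_id):
        """Call on every password change and every email change."""
        self._by_hash = {h: r for h, r in self._by_hash.items() if r[0] != user_id}

    def redeem(self, token, current_email, now=None):
        """Return the user_id for a valid token, else None. The token is consumed either way."""
        now = time.time() if now is None else now
        record = self._by_hash.pop(self._digest(token), None)  # pop makes it single use
        if record is None:
            return None
        user_id, issued_email, expires_at = record
        # Reject expired tokens and tokens issued to an address the account no longer uses.
        if now >= expires_at or issued_email != current_email:
            return None
        return user_id
```

Replaying a captured reset request against a staging build of this logic should succeed once and fail on every later attempt, which is the behaviour to confirm in log.txt.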

First seen: Mar 23, 2026