2FA Bypasses
Status Code Manipulation
2FA Code Leakage in Response
JS File Analysis
2FA Code Reusability
Lack of Brute-Force Protection
Missing 2FA Code Integrity Validation
CSRF on 2FA Disabling
Password Reset Disable 2FA
Backup Code Abuse
Clickjacking on 2FA Disabling Page
Enabling 2FA doesn't expire Previously active Sessions
Bypass 2FA with null or 000000
Articles
Author
Last updated