11-Mar-2021 16:50
Hello, dear, I am trying to implement the brute force attack, but it turns out that when I configure a login page it asks me to configure values of the html form and it asks me for the user or password parameter that is used to validate the login, but it turns out that those parameters They are not sent in an html form, or json or anything, they are sent in the payload, so I don't know how to extract them much less send them as the validators of the login page
any ideas?
12-Mar-2021 05:16
Hi Omar,
switch "Authentication Type" dropdown to JSON / AJAX Request and start from here:
Manual Chapter : Creating Login Pages for Secure Application Access
KR
Daniel