⛏️ Write a test to check whether we can create/update an object with invalid SSN #631
Comments
|
Hii Please assign me this issue |
|
hello can you assign me this issue |
|
I have made the PR |
|
@sivangbagri your test template is invalid. Please run your template on an API and see if it works before making a PR. |
|
@avneesh-akto Hii I have made the necessary changes kindly check akto-api-security/tests-library@669f2f0 |
|
Hi please assign me with this issue. |
|
@sivangbagri your template still seems invalid. Request header is nested inside query params in api_selection_filter. Also you should detect and modify in request payload too. Please run the template on sample API before submitting any PR else you will get banned. |
|
@saitejavarma-7 I have assigned it to you too. Happy hacking |
|
Hey.. still invalid. Your logic requires SSN or UPI id to be present in query, headers AND body param. Instead it should be a OR. Please refer CSRF test by removing csrf token test for more info |
|
What is the logic for |
|
Hi @sivangbagri can you please rebase to |
|
Hi @sivangbagri, please fill out this form here so we can send you Akto swags. Will let you know ETA of swags soon, thanks for your contribution! 🚀 |
|
Hi @sivangbagri, we've received your details, swags should reach you in a month! |
💭 Introduction:
We want to test to check whether an attacker can create/update entity with an invalid SSN.
🎯 Requirements:
Filters - API with UPI ID as an input in GET query parameter or JSON body parameter
Execute - It should replace the value with
✅ Task summary:
📚 Reading
You can find a detailed documentation of test editor rules here
Find 100+ examples of YAML tests here
🙋🏼♂️ Questions:
If you have questions, need any help, or just want to hang out, make sure to join us on our Discord server.
The text was updated successfully, but these errors were encountered: