| name | mitm-find-callback |
| description | Find payment callback and webhook vulnerabilities. Use when user asks about payment security, callback tampering, hash validation, or transaction manipulation. |
Analyze the mitmproxy dump (log.txt) for payment callback issues for: $ARGUMENTS
Requires:
- `log.txt` in the current directory. If it's missing, capture traffic first: `mitmdump --set flow_detail=3 2>&1 | tee log.txt`
Test for:
- `status=failed` changed to `status=success` while the original hash is kept (the merchant accepts it only if the hash does not cover the status field, or is not verified at all)
- an unmapped `status` parameter value, one the merchant code has no explicit case for (a handler that treats anything other than `failed` as success will mark the order paid)

```bash
# Test callback with modified status
curl -X POST "https://merchant.com/payment/callback" \
  -d "txnid=12345&status=success&hash=original_hash"
# Test with invalid hash
curl -X POST "https://merchant.com/payment/callback" \
  -d "txnid=12345&status=success&hash=aaaa"
```
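The three replays above, run against a weak and a hardened merchant callback handler, as an added example that is not part of this skill or of mitmproxy. The gateway hash format (HMAC-SHA256 over the listed fields joined with `|`), the merchant salt, the amount field and the status allow-list are all assumptions constructed for the demo; the point it shows is that a hash which omits `status` lets a captured `failed` callback be replayed as `success` with its original hash, and that a handler with no explicit status allow-list turns an unknown value into a paid order.

```python
import hashlib
import hmac

MERCHANT_SALT = b"example-merchant-salt"                 # assumed; constructed for this demo
WEAK_FIELDS = ("txnid", "amount")                         # hash does not cover status
STRONG_FIELDS = ("txnid", "amount", "status")             # hash covers every field the merchant acts on
STATUS_MAP = {"success": "paid", "failed": "declined"}    # explicit allow-list used by the hardened handler


def gateway_hash(params, fields, salt=MERCHANT_SALT):
    """Hash a gateway would attach: HMAC-SHA256 over the listed fields joined with '|'
    (assumed format for this example)."""
    msg = "|".join(params.get(f, "") for f in fields).encode()
    return hmac.new(salt, msg, hashlib.sha256).hexdigest()


def weak_callback(params):
    """Vulnerable handler: the hash omits status, the compare is a plain string compare,
    and any status other than 'failed' falls through to success."""
    if params.get("hash") != gateway_hash(params, WEAK_FIELDS):
        return "rejected"
    return "declined" if params.get("status") == "failed" else "paid"


def hardened_callback(params):
    """Hardened handler: hash covers status, constant-time compare, unknown status rejected."""
    supplied = params.get("hash", "")
    if not hmac.compare_digest(supplied, gateway_hash(params, STRONG_FIELDS)):
        return "rejected"
    return STATUS_MAP.get(params.get("status", ""), "rejected")


def tamper_cases(captured):
    """The replay variants from the skill, built from one captured callback."""
    flipped = dict(captured, status="success")        # status flip, original hash kept
    unmapped = dict(captured, status="authorised")    # value the handler has no case for
    bad_hash = dict(flipped, hash="aaaa")             # invalid hash
    return {"status_flip": flipped, "unmapped_status": unmapped, "invalid_hash": bad_hash}


def run(handler, fields):
    """Capture a legitimate 'failed' callback signed the way that gateway signs it,
    then replay each tamper case against the handler and collect the outcomes."""
    captured = {"txnid": "12345", "amount": "100.00", "status": "failed"}  # constructed sample
    captured["hash"] = gateway_hash(captured, fields)
    results = {"original": handler(captured)}
    for name, case in tamper_cases(captured).items():
        results[name] = handler(case)
    return results


if __name__ == "__main__":
    print("weak    :", run(weak_callback, WEAK_FIELDS))
    print("hardened:", run(hardened_callback, STRONG_FIELDS))
```

Against the weak handler the status flip and the unmapped status both come back as `paid` with the captured hash untouched, which is exactly the signal the curl replays above are looking for; only the `aaaa` hash is refused. The hardened handler rejects all three, and also rejects a status value the gateway did sign correctly but the merchant has no mapping for, instead of defaulting it to success.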
For each finding: