mitm-find-enumerable
Find enumerable endpoints that leak data through iteration. Use when user asks about data scraping, bulk data access, or iterating through records.
| name | mitm-find-enumerable |
| description | Find enumerable endpoints that leak data through iteration. Use when user asks about data scraping, bulk data access, or iterating through records. |
Analyze the mitmproxy dump (log.txt) for enumerable endpoints for: $ARGUMENTS
Requires:
`log.txt` in the current directory. If it's missing, capture traffic first: `mitmdump --set flow_detail=3 2>&1 | tee log.txt`
- /api/user/1, /api/user/2, /api/user/3
- /order/100001, /order/100002
- /transaction/TXN00001
- /report/2024-01-01
- /log/1704067200
- /profile/MTIzNDU= (12345)
- /data/0x1A2B
- /api/users?limit=999999
- /search?count=all

```bash
# Sequential iteration: walk integer IDs, pausing between requests
for i in {1..100}; do
  curl -s "https://target.com/api/resource/$i" >> output.json
  sleep 0.5
done

# Base64 iteration: the ID is the base64 encoding of an integer
for i in {1000..1100}; do
  id=$(printf '%s' "$i" | base64)
  curl -s "https://target.com/api/resource/$id"
done

# Date iteration: one request per day of the month
for d in {01..31}; do
  curl -s "https://target.com/api/report/2024-01-$d"
done
```
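One way to triage a capture of your own application for the identifier patterns listed above, as an added example that is not part of the original skill. The `client: METHOD URL` line layout, the `BULK_PARAMS` names, the 1000 threshold and the sample host are assumptions.

```python
import base64
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines; the "client: METHOD URL" layout is an assumption.
SAMPLE_LOG = """\
127.0.0.1:50112: GET https://app.example.test/api/user/1
127.0.0.1:50112: GET https://app.example.test/api/user/2
127.0.0.1:50112: GET https://app.example.test/api/user/3
127.0.0.1:50112: GET https://app.example.test/profile/MTIzNDU=
127.0.0.1:50112: GET https://app.example.test/report/2024-01-01
127.0.0.1:50112: GET https://app.example.test/api/users?limit=999999
127.0.0.1:50112: GET https://app.example.test/item/7f9c2e4a-demo
"""

REQ = re.compile(r"\b(GET|POST|PUT|PATCH|DELETE)\s+(https?://\S+)")
PATTERNS = [("date", r"\d{4}-\d{2}-\d{2}"), ("timestamp", r"\d{10}"), ("int", r"\d+"),
            ("hex", r"0x[0-9A-Fa-f]+"), ("prefixed-int", r"[A-Za-z]+\d{3,}")]
BULK_PARAMS = {"limit", "count", "per_page", "page_size"}  # assumed names

def classify(seg):
    """Return the guessable-ID kind of one path segment, or None."""
    for kind, rx in PATTERNS:
        if re.fullmatch(rx, seg):
            return kind
    try:  # base64 that decodes to plain digits, e.g. MTIzNDU= -> 12345
        decoded = base64.b64decode(seg, validate=True) if len(seg) >= 4 else b""
    except ValueError:
        return None
    return "base64-int" if decoded.isdigit() else None

def find_enumerable(log_text):
    """Map path template -> set of observed ID values or bulk-size params."""
    hits = defaultdict(set)
    for _method, url in REQ.findall(log_text):
        parts = urlsplit(url)
        pairs = [(s, classify(s)) for s in parts.path.strip("/").split("/")]
        if any(k for _, k in pairs):
            tmpl = "/" + "/".join(f"{{{k}}}" if k else s for s, k in pairs)
            hits[tmpl].update(s for s, k in pairs if k)
        for name, value in parse_qsl(parts.query):
            if name in BULK_PARAMS and (value == "all" or value.isdecimal() and int(value) >= 1000):
                hits[f"{parts.path}?{name}="].add(value)
    return dict(hits)

if __name__ == "__main__":
    for tmpl, values in sorted(find_enumerable(SAMPLE_LOG).items()):
        print(tmpl, sorted(values))
```

Templates that collect several distinct values are the ones to check first for missing per-object authorization; the opaque `/item/7f9c2e4a-demo` segment is deliberately left unflagged.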
For each finding: