Day 14: Solve 4 Access Control labs on the portswigger lab and read reports/blog 1. Access Control Labs URL-based access control can be circumvented Method-based access control can be circumvented User ID controlled by request parameter User ID controlled by request parameter, with unpredictable user IDs 2. Read reports on IDOR https://hackerone.com/reports/847452 https://hackerone.com/reports/56511 https://hackerone.com/reports/52646 https://hackerone.com/reports/1685970 Tiktok IDOR