Reports:

https://medium.com/@yoshimlutfi/how-i-found-p2-broken-authentication-with-zero-skill-of-hacking-c40b5643fe4a


https://saeeds.medium.com/blackbox-cookie-testing-how-i-cracked-the-admins-cookie-c817dd4281c8


https://hector0x.medium.com/broken-authentication-through-referral-code-25cd0e8bccc2

https://infosecwriteups.com/super-admin-panel-without-credentials-c2022a23bb35

https://medium.com/@katikitala.sushmitha078/how-i-can-take-over-any-users-account-with-their-mobile-number-6d820a364cad



Labs:

http://testphp.vulnweb.com/

https://portswigger.net/web-security/sql-injection/lab-login-bypass

https://portswigger.net/web-security/authentication/multi-factor/lab-2fa-simple-bypass

https://tryhackme.com/room/authenticationbypass

https://replit.com/@brunofragame/auth-bypass-01