- Injecting breached account credentials in hopes of account takeover
- Stolen credentials from a previous breach
{% embed url="https://academy.tcm-sec.com/courses/1152300/lectures/24769650" %}
- Utilize the "pitchfork" attack type in Burp
- Passwords are randomly chosen and sent at the target in an attempt to authenticate
- Utilize the