5 Ways to Test Password Reset Function

Password reset is a function commonly found in modern web apps. This function would normally be the first one I test in every web app because, once a bug is found, it is normally a critical one. In this article, I will show several ways to test this function.

Before going deep into how to test a password-reset function, we first need to know how a password reset normally works.

When you need to reset a password in a web app, a POST request like the one below is sent to the server.

POST /reset-password 



