[Access Control] Lab 2: Unprotected admin functionality

 Lab 2: Unprotected admin functionality

This lab is the second lab apart of the Serve-side vulnerabilities in Burp suite, as I work toward my Burp suite cert.

This is what i got from my notes from the burp suite course of how we can discover Unprotected Functionality?

it said for me to check robots.txt

now that the robots.txt is disallowing web crawlers to discover the /administrator- panel

Then we can delete the user carlos