Aaron Loo
### Background Context

Sometimes, endpoints have the following structure to them:

```
/{item_type}/{item_id}
```

where a different `item_type` would indicate to the server to check a different `item_id`. This is...
We perform sequence-based caching within the `Response` object ([source](https://github.com/Yelp/fuzz-lightyear/blob/master/fuzz_lightyear/response.py#L26-L27)). However, this doesn't support request-based caches, which are needed to have consistent values within dependent factory fixtures. Currently, we handle this...
### Issue

We currently use different sessions to check for IDOR vulnerabilities. However, there's another type of authorization vulnerability that we can check for, as the [original Microsoft paper suggests](https://www.microsoft.com/en-us/research/uploads/prod/2019/02/paper2.pdf)....
### Summary

In the petstore example, `/pet/{petId}/uploadImage` accepts a file in the formData.

```
/pet/{petId}/uploadImage:
  post:
    parameters:
      - name: "file"
        in: "formData"
        description: "file to upload"
        required: false
        type: "file"...
```
This is spawned from https://github.com/Yelp/detect-secrets/issues/153#issuecomment-504284806

## Summary

We want to add a `detect-secrets verify` option so that already created baselines are able to verify their discovered secrets (without needing to...