In this Challenge Intially there is a login form in which we have enter username “@pentesteracademy.com”+ and password and in the next step there is basic authorization in which we have to enter same username and password.
But when i tried to use burp intruder for three different payloads,username,password,and basic authorization of username and password it failed.
So,i used burp repeater and tried using OPTIONS method instead of GET method .It responded that the method is not allowed ,only Method GET & HEAD is allowed.
So it mean’s if i request with HEAD method with all combination of username and password i will get authorized page.
Here is my python script for paricular above challenge