Go to my Auth Bypass folder and there is a file otp bypass response manipulation that leads to account takeovers. Author @Virdoex_hunter