Az0x7 · William-LP · Aug 19, 2025
diff --git a/2FA Bypass/2FA bypass.md b/2FA Bypass/2FA bypass.md
@@ -69,13 +69,8 @@ verification-code=123456
 
 [ ] CSRF on 2FA Disable Feature
 ```
-1. Request a 2FA code and use it
-2. Now, Re-use the 2FA code and if it is used successfully that's an issue.
-3. Also, try requesting multiple 2FA codes and see if previously requested Codes  
-expire or not when a new code is requested
-4. Also, try to re-use the previously used code after long time duration say 1 day or  
-more. That will be an potential issue as 1 day is enough duration to crack and guess  
-a 6-digit 2FA code
+1. Search if there's an URL to opt out from 2FA like /users/me/2FA?activate=false
+2. Make the victim click the link so they are not protected by 2FA anymore
 ```