Once a user has been authenticated, the next task is to authorize the user to give him/her access to data. Based on the user role and privileges, the application grants authorization. To test for authorization vulnerabilities, we require valid credentials from each of the different roles present in an application. Using some preliminary tools, we can attempt to bypass the authorization schema and gain access to the superuser account while using the credentials of a normal user.