diff --git a/apps/dashboard/src/main/java/com/akto/action/quick_start/QuickStartAction.java b/apps/dashboard/src/main/java/com/akto/action/quick_start/QuickStartAction.java
index 26ba7dca67..b8ccb88a14 100644
--- a/apps/dashboard/src/main/java/com/akto/action/quick_start/QuickStartAction.java
+++ b/apps/dashboard/src/main/java/com/akto/action/quick_start/QuickStartAction.java
@@ -154,14 +154,11 @@ public String saveLoadBalancers() {
         if (!AwsStack.getInstance().checkIfStackExists(MirroringStackDetails.getStackName())) {
             this.isFirstSetup = true;
             try {
-                Map<String, String> parameters = new HashMap<String, String>() {
-                    {
-                        put("MongoIp", System.getenv("AKTO_MONGO_CONN"));
-                        put("KeyPair", System.getenv("EC2_KEY_PAIR"));
-                        put("SourceLBs", extractLBs());
-                        put("SubnetId", System.getenv("EC2_SUBNET_ID"));
-                    }
-                };
+                Map<String, String> parameters = new HashMap<>();
+                parameters.put("MongoIp", System.getenv("AKTO_MONGO_CONN"));
+                parameters.put("KeyPair", System.getenv("EC2_KEY_PAIR"));
+                parameters.put("SourceLBs", extractLBs());
+                parameters.put("SubnetId", System.getenv("EC2_SUBNET_ID"));
                 String template = convertStreamToString(AwsStack.class
                         .getResourceAsStream("/cloud_formation_templates/akto_aws_mirroring.template"));
                 List<Tag> tags = Utils.fetchTags(DashboardStackDetails.getStackName());
@@ -174,11 +171,8 @@ public String saveLoadBalancers() {
         } else {
             this.isFirstSetup = false;
             try {
-                Map<String, String> updatedEnvVars = new HashMap<String, String>() {
-                    {
-                        put("ELB_NAMES", extractLBs());
-                    }
-                };
+                Map<String, String> updatedEnvVars = new HashMap<>();
+                updatedEnvVars.put("ELB_NAMES", extractLBs());
                 String functionName = AwsStack.getInstance().fetchResourcePhysicalIdByLogicalId(MirroringStackDetails.getStackName(), MirroringStackDetails.CREATE_MIRROR_SESSION_LAMBDA);
                 UpdateFunctionRequest ufr = new UpdateFunctionRequest(updatedEnvVars);
                 Lambda.getInstance().updateFunctionConfiguration(functionName, ufr);
diff --git a/apps/dashboard/src/main/resources/cloud_formation_templates/akto_aws_mirroring.template b/apps/dashboard/src/main/resources/cloud_formation_templates/akto_aws_mirroring.template
index 66dd5bc4e7..85e111e540 100644
--- a/apps/dashboard/src/main/resources/cloud_formation_templates/akto_aws_mirroring.template
+++ b/apps/dashboard/src/main/resources/cloud_formation_templates/akto_aws_mirroring.template
@@ -1 +1 @@
-{"AWSTemplateFormatVersion":"2010-09-09","Description":"This template does a simple setup for all Akto modules. It sets up all modules on a single instance. If you want a scalable and flexible setup, please contact support@akto.io.","Parameters":{"SubnetId":{"Type":"AWS::EC2::Subnet::Id"},"KeyPair":{"Type":"AWS::EC2::KeyPair::KeyName"},"SourceLBs":{"Type":"CommaDelimitedList"},"MongoIp":{"Type":"String"}},"Mappings":{"RegionMap":{"af-south-1":{"AMI":"ami-0adee70ff4394e3d5"},"eu-north-1":{"AMI":"ami-04e8b0e36ed3403dc"},"ap-south-1":{"AMI":"ami-09de362f44ba0a166"},"eu-west-3":{"AMI":"ami-0614433a16ab15878"},"eu-west-2":{"AMI":"ami-030770b178fa9d374"},"eu-south-1":{"AMI":"ami-0432f14b68c3e0273"},"eu-west-1":{"AMI":"ami-0bba0a4cb75835f71"},"ap-northeast-3":{"AMI":"ami-0253beba286f3e848"},"ap-northeast-2":{"AMI":"ami-0e1d09d8b7c751816"},"me-south-1":{"AMI":"ami-07a68e42e669daed0"},"ap-northeast-1":{"AMI":"ami-06ce6680729711877"},"sa-east-1":{"AMI":"ami-0656df2cc0dfd150a"},"ca-central-1":{"AMI":"ami-04c12937e87474def"},"ap-east-1":{"AMI":"ami-0b751f901b93720a5"},"ap-southeast-1":{"AMI":"ami-0adf622550366ea53"},"ap-southeast-2":{"AMI":"ami-03b836d87d294e89e"},"eu-central-1":{"AMI":"ami-094c442a8e9a67935"},"ap-southeast-3":{"AMI":"ami-0483d92a8124da6c9"},"us-east-1":{"AMI":"ami-065efef2c739d613b"},"us-east-2":{"AMI":"ami-07251f912d2a831a3"},"us-west-1":{"AMI":"ami-09b2f6d85764ec71b"},"us-west-2":{"AMI":"ami-0d08ef957f0e4722b"}}},"Resources":{"TrafficMirrorTarget":{"Type":"AWS::EC2::TrafficMirrorTarget","Properties":{"Description":"Traffic Mirror target set to network interface of Akto EC2 instance","Tags":[{"Key":"Name","Value":{"Fn::Join":["",[{"Ref":"AWS::StackName"},"-","Target"]]}},{"Key":"Deployment","Value":"Akto-CloudFormation"}],"NetworkLoadBalancerArn":{"Ref":"AktoNLB"}}},"LBTrafficMirrorFilter":{"Type":"AWS::EC2::TrafficMirrorFilter","Properties":{"Description":"Traffic mirror filter for LBs and Target Groups","NetworkServices":["amazon-dns"],"Tags":[{"Key":"Name","Value":{"Fn::Join":["",[{"Ref":"AWS::StackName"},"-","Filter"]]}},{"Key":"Deployment","Value":"Akto-CloudFormation"}]}},"LambdaLogGroup":{"Type":"AWS::Logs::LogGroup","Properties":{"LogGroupName":{"Fn::Sub":"/aws/lambda/${CreateMirrorSession}"},"RetentionInDays":7}},"LambdaBasicExecutionRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Path":"/","Policies":[{"PolicyName":"LBCreateTrafficMirrorSession","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeNetworkInterfaces","ec2:DescribeTrafficMirrorSessions","ec2:DescribeInstances","ec2:DescribeVpcs","elasticloadbalancing:DescribeLoadBalancers","elasticloadbalancing:DescribeTargetGroups","elasticloadbalancing:DescribeTargetHealth","ec2:DescribeTrafficMirrorFilters","ec2:DeleteTrafficMirrorFilterRule","ec2:CreateTrafficMirrorFilterRule","lambda:InvokeFunction"],"Resource":"*"},{"Effect":"Allow","Action":["ec2:CreateTrafficMirrorSession"],"Resource":["arn:aws:ec2:*:*:traffic-mirror-session/*","arn:aws:ec2:*:*:network-interface/*",{"Fn::Join":["",["arn:aws:ec2:*:*:traffic-mirror-target/",{"Ref":"TrafficMirrorTarget"}]]},{"Fn::Join":["",["arn:aws:ec2:*:*:traffic-mirror-filter/*"]]}]},{"Effect":"Allow","Action":["ec2:DeleteTrafficMirrorSession"],"Resource":["arn:aws:ec2:*:*:traffic-mirror-session/*"]}]}}]}},"GetAktoSetupDetailsLambdaBasicExecutionRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Path":"/","Policies":[{"PolicyName":"GetAktoSetupDetailsExecuteLambda","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeNetworkInterfaces","ec2:DescribeTrafficMirrorSessions","ec2:DescribeInstances","ec2:DescribeVpcs","elasticloadbalancing:DescribeLoadBalancers","elasticloadbalancing:DescribeTargetGroups","elasticloadbalancing:DescribeTargetHealth"],"Resource":"*"}]}}]}},"LambdaLogPermissions":{"Type":"AWS::IAM::Policy","Properties":{"Roles":[{"Ref":"LambdaBasicExecutionRole"}],"PolicyName":{"Fn::Sub":"${AWS::Region}-LambdaLogGroup"},"PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["logs:CreateLogStream","logs:PutLogEvents"],"Resource":[{"Fn::Sub":"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${CreateMirrorSession}"},{"Fn::Sub":"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${CreateMirrorSession}:*"},{"Fn::Sub":"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${CreateMirrorSession}:*:*"}]}]}}},"GetAktoSetupDetails":{"Type":"AWS::Lambda::Function","Properties":{"Runtime":"nodejs12.x","Timeout":60,"Role":{"Fn::GetAtt":["GetAktoSetupDetailsLambdaBasicExecutionRole","Arn"]},"Handler":"index.handler","Environment":{"Variables":{"TARGET_LB":{"Ref":"AktoNLB"}}},"Code":{"S3Bucket":{"Fn::Sub":"akto-setup-${AWS::Region}"},"S3Key":"templates/get-akto-setup-details.zip"}}},"CustomSourceAktoSetupDetails":{"Type":"AWS::CloudFormation::CustomResource","Properties":{"ServiceToken":{"Fn::GetAtt":["GetAktoSetupDetails","Arn"]}}},"CreateMirrorSession":{"Type":"AWS::Lambda::Function","Properties":{"Runtime":"nodejs12.x","Timeout":60,"Role":{"Fn::GetAtt":["LambdaBasicExecutionRole","Arn"]},"Handler":"index.handler","Environment":{"Variables":{"ELB_NAMES":{"Fn::Join":[",",{"Ref":"SourceLBs"}]},"TRAFFIC_MIRROR_FILTER_ID":{"Ref":"LBTrafficMirrorFilter"},"TRAFFIC_MIRROR_TARGET_ID":{"Ref":"TrafficMirrorTarget"},"TARGET_LB":{"Ref":"AktoNLB"},"SAVE_COLLECTION_NAMES_LAMBDA_ARN":{"Fn::GetAtt":["SaveCollectionNames","Arn"]}}},"Code":{"S3Bucket":{"Fn::Sub":"akto-setup-${AWS::Region}"},"S3Key":"templates/create-mirror-session.zip"},"Description":"Auto create mirroring configuration","TracingConfig":{"Mode":"Active"}}},"PeriodicEventRule":{"Type":"AWS::Events::Rule","Properties":{"Description":"Generate an event periodically","Name":{"Fn::Join":["",[{"Ref":"AWS::StackName"},"-","PeriodicRule"]]},"ScheduleExpression":"rate(15 minutes)","State":"ENABLED","Targets":[{"Arn":{"Fn::GetAtt":["CreateMirrorSession","Arn"]},"Id":{"Ref":"CreateMirrorSession"}}]}},"PeriodicEventPermission":{"Type":"AWS::Lambda::Permission","Properties":{"FunctionName":{"Fn::GetAtt":["CreateMirrorSession","Arn"]},"Action":"lambda:InvokeFunction","Principal":"events.amazonaws.com","SourceAccount":{"Ref":"AWS::AccountId"},"SourceArn":{"Fn::GetAtt":["PeriodicEventRule","Arn"]}}},"LambdaVPCAccessRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Path":"/","Policies":[{"PolicyName":"LambdaBasicAccessVPCPolicy","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeNetworkInterfaces","ec2:DescribeInstances","ec2:CreateNetworkInterface","ec2:DeleteNetworkInterface","ec2:AttachNetworkInterface"],"Resource":"*"}]}}]}},"LambdaSecurityGroupVPC":{"Type":"AWS::EC2::SecurityGroup","Properties":{"VpcId":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","VpcId"]},"GroupDescription":"Security group is required to create a lambda inside a VPC","SecurityGroupEgress":[{"IpProtocol":"tcp","FromPort":9092,"ToPort":9092,"CidrIp":"0.0.0.0/0"}]}},"SaveCollectionNames":{"Type":"AWS::Lambda::Function","Properties":{"Runtime":"nodejs12.x","Timeout":60,"Role":{"Fn::GetAtt":["LambdaVPCAccessRole","Arn"]},"Handler":"nodejs/index.handler","VpcConfig":{"SecurityGroupIds":[{"Fn::GetAtt":["LambdaSecurityGroupVPC","GroupId"]}],"SubnetIds":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","SubnetId"]}},"Environment":{"Variables":{"PRIVATE_IP":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","kafkaIp"]},"SUCCESS_ENIS":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","successEnis"]}}},"Code":{"S3Bucket":{"Fn::Sub":"akto-setup-${AWS::Region}"},"S3Key":"templates/mirroring-collections-split.zip"},"Description":"Send collection name to id mapping to Akto modules","TracingConfig":{"Mode":"Active"}}},"GetVpcDetailsLambdaRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["lambda.amazonaws.com"]},"Action":["sts:AssumeRole"]}]},"Path":"/","Policies":[{"PolicyName":"DescribeAssetsPolicy","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeVpcs","ec2:DescribeSubnets"],"Resource":"*"}]}}]}},"GetVpcDetailsLambda":{"Type":"AWS::Lambda::Function","Properties":{"Description":"Look up info from a VPC","Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["GetVpcDetailsLambdaRole","Arn"]},"Environment":{"Variables":{"SUBNET_ID":{"Ref":"SubnetId"}}},"Code":{"ZipFile":"var SUBNET_ID = process.env.SUBNET_ID; var aws = require('aws-sdk'); var response = require('cfn-response'); var ec2 = new aws.EC2(); exports.handler = async function(event, context) {\n    if (event.RequestType == 'Delete') {\n       await response.send(event, context, 'SUCCESS');\n       return;\n    }\n    var params = {\n       SubnetIds: [SUBNET_ID] \n    };\n    var subnets = await ec2.describeSubnets(params).promise().catch(err => {\n       console.error(err);\n    });\n    var vpcId = subnets['Subnets'][0]['VpcId'];\n    var vpcs = await ec2.describeVpcs({VpcIds: [vpcId]}).promise().catch(err => {\n       console.error(err);\n    });\n    await response.send(event, context, 'SUCCESS', {CidrBlock: vpcs['Vpcs'][0]['CidrBlock'], VpcId: vpcId})\n};\n"}}},"CustomSourceGetVpcDetails":{"Type":"AWS::CloudFormation::CustomResource","Properties":{"ServiceToken":{"Fn::GetAtt":["GetVpcDetailsLambda","Arn"]}}},"IamInstanceProfile":{"Type":"AWS::IAM::InstanceProfile","Properties":{"Path":"/","Roles":[{"Ref":"RefreshHandlerLambdaBasicExecutionRole"}]}},"AktoContextAnalyzerSecurityGroup":{"Type":"AWS::EC2::SecurityGroup","Properties":{"VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"GroupDescription":"Enable the ports Akto requires (22, 9092)","SecurityGroupIngress":[{"IpProtocol":"tcp","FromPort":22,"ToPort":22,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"tcp","FromPort":9092,"ToPort":9092,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}}],"SecurityGroupEgress":[]}},"AktoContextAnalyzerASGLaunchConfiguration":{"Type":"AWS::AutoScaling::LaunchConfiguration","Properties":{"ImageId":{"Fn::FindInMap":["RegionMap",{"Ref":"AWS::Region"},"AMI"]},"InstanceType":"m5a.xlarge","KeyName":{"Ref":"KeyPair"},"AssociatePublicIpAddress":"false","SecurityGroups":[{"Ref":"AktoContextAnalyzerSecurityGroup"}],"BlockDeviceMappings":[{"DeviceName":"/dev/xvda","Ebs":{"VolumeType":"gp2","DeleteOnTermination":"true","VolumeSize":"50","Encrypted":true}}],"MetadataOptions":{"HttpTokens":"required"},"UserData":{"Fn::Base64":{"Fn::Join":["\n",["#!/bin/bash -xe",{"Fn::Sub":"export AKTO_MONGO_CONN='${MongoIp}'"},"touch /tmp/hello.txt","touch ~/hello.txt","sudo yum update -y","sudo yum install -y python python-setuptools","sudo yum install -y docker","sudo dockerd&","sudo mkdir -p /opt/aws/bin","export COMPOSE_FILE=docker-compose-context-analyser.yml","sudo wget https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz","sudo python -m easy_install --script-dir /opt/aws/bin aws-cfn-bootstrap-latest.tar.gz","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto' > cf-deploy-akto","sudo chmod 700 cf-deploy-akto","./cf-deploy-akto < <(echo 'test')","sudo echo >> ~/akto/infra/docker-context-analyser.env","sudo echo AKTO_MONGO_CONN=$AKTO_MONGO_CONN >> ~/akto/infra/docker-context-analyser.env","export TOKEN=$(curl -X PUT 'http://169.254.169.254/latest/api/token' -H 'X-aws-ec2-metadata-token-ttl-seconds: 600')",{"Fn::Join":[":",["export AKTO_CURRENT_INSTANCE_IP=$(curl -H \"X-aws-ec2-metadata-token","$TOKEN\" -v http://169.254.169.254/latest/meta-data/local-ipv4)"]]},"echo AKTO_CURRENT_INSTANCE_IP=$AKTO_CURRENT_INSTANCE_IP >>  ~/akto/infra/docker-context-analyser.env","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto-start' > cf-deploy-akto-start","sudo chmod 700 cf-deploy-akto-start","./cf-deploy-akto-start < <(echo 'test')"]]}}}},"AktoContextAnalyzerAutoScalingGroup":{"Type":"AWS::AutoScaling::AutoScalingGroup","Properties":{"LaunchConfigurationName":{"Ref":"AktoContextAnalyzerASGLaunchConfiguration"},"VPCZoneIdentifier":[{"Ref":"SubnetId"}],"MaxSize":"1","MinSize":"1"}},"AktoContextAnalyzerInstanceRefreshHandler":{"Type":"AWS::Lambda::Function","Properties":{"Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["InstanceRefreshHandlerLambdaRole","Arn"]},"Code":{"ZipFile":"var aws = require('aws-sdk'); var autoscaling = new aws.AutoScaling(); exports.handler = function(event, context) {\n  var params = {\n    AutoScalingGroupName: 'AktoContextAnalyzerAutoScalingGroup', \n    Preferences: {\n      InstanceWarmup: 200, \n      MinHealthyPercentage: 0\n    }\n  };\n  \n  autoscaling.startInstanceRefresh(params, function(err, data) {\n    if(err) { console.log(err) }\n    else { console.log(data) }\n  })\n};      \n"}}},"RefreshHandlerLambdaBasicExecutionRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Policies":[{"PolicyName":"InvokeLambdaPolicy","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Resource":[{"Fn::GetAtt":["DashboardInstanceRefreshHandler","Arn"]},{"Fn::GetAtt":["TrafficMirroringInstanceRefreshHandler","Arn"]},{"Fn::GetAtt":["AktoContextAnalyzerInstanceRefreshHandler","Arn"]}],"Action":"lambda:InvokeFunction"}]}}]}},"AktoSecurityGroup":{"Type":"AWS::EC2::SecurityGroup","Properties":{"VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"GroupDescription":"Enable the ports Akto requires (22, 4789, 8000, 9092)","SecurityGroupIngress":[{"IpProtocol":"tcp","FromPort":22,"ToPort":22,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"tcp","FromPort":9092,"ToPort":9092,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"udp","FromPort":4789,"ToPort":4789,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"tcp","FromPort":8000,"ToPort":8000,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}}],"SecurityGroupEgress":[]}},"AktoASGLaunchConfiguration":{"Type":"AWS::AutoScaling::LaunchConfiguration","DependsOn":["AktoNLB"],"Properties":{"ImageId":{"Fn::FindInMap":["RegionMap",{"Ref":"AWS::Region"},"AMI"]},"InstanceType":"m5a.xlarge","KeyName":{"Ref":"KeyPair"},"AssociatePublicIpAddress":"false","IamInstanceProfile":{"Ref":"IamInstanceProfile"},"SecurityGroups":[{"Ref":"AktoSecurityGroup"}],"BlockDeviceMappings":[{"DeviceName":"/dev/xvda","Ebs":{"VolumeType":"gp2","DeleteOnTermination":"true","VolumeSize":"50","Encrypted":true}}],"MetadataOptions":{"HttpTokens":"required"},"UserData":{"Fn::Base64":{"Fn::Join":["\n",["#!/bin/bash -xe",{"Fn::Sub":"export AKTO_MONGO_CONN='${MongoIp}'"},{"Fn::Sub":"export AKTO_KAFKA_IP='${AktoNLB.DNSName}'"},"touch /tmp/hello.txt","touch ~/hello.txt","sudo yum update -y","sudo yum install -y python python-setuptools","sudo yum install -y docker","sudo dockerd&","sudo mkdir -p /opt/aws/bin","export COMPOSE_FILE=docker-compose-runtime.yml","sudo wget https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz","sudo python -m easy_install --script-dir /opt/aws/bin aws-cfn-bootstrap-latest.tar.gz","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto' > cf-deploy-akto","sudo chmod 700 cf-deploy-akto","./cf-deploy-akto < <(echo 'test')","sudo echo >> ~/akto/infra/docker-runtime.env","sudo echo AKTO_MONGO_CONN=$AKTO_MONGO_CONN >> ~/akto/infra/docker-runtime.env","sudo echo AKTO_KAFKA_IP=$AKTO_KAFKA_IP >> ~/akto/infra/.env","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto-start' > cf-deploy-akto-start","sudo chmod 700 cf-deploy-akto-start","./cf-deploy-akto-start < <(echo 'test')"]]}}}},"AktoAutoScalingGroup":{"Type":"AWS::AutoScaling::AutoScalingGroup","Properties":{"LaunchConfigurationName":{"Ref":"AktoASGLaunchConfiguration"},"VPCZoneIdentifier":[{"Ref":"SubnetId"}],"TargetGroupARNs":[{"Ref":"AktoTrafficMirroringTargetGroup"},{"Ref":"AktoKafkaTargetGroup"}],"MaxSize":"10","MinSize":"1"}},"AktoTargetTrackingNetworkPolicy":{"Type":"AWS::AutoScaling::ScalingPolicy","Properties":{"PolicyType":"TargetTrackingScaling","AutoScalingGroupName":{"Ref":"AktoAutoScalingGroup"},"EstimatedInstanceWarmup":30,"TargetTrackingConfiguration":{"PredefinedMetricSpecification":{"PredefinedMetricType":"ASGAverageNetworkIn"},"TargetValue":200000000}}},"AktoNLB":{"Type":"AWS::ElasticLoadBalancingV2::LoadBalancer","Properties":{"Type":"network","Scheme":"internal","IpAddressType":"ipv4","Subnets":[{"Ref":"SubnetId"}],"LoadBalancerAttributes":[{"Key":"load_balancing.cross_zone.enabled","Value":"true"}]}},"AktoTrafficMirroringTargetGroup":{"Type":"AWS::ElasticLoadBalancingV2::TargetGroup","Properties":{"Port":"4789","Protocol":"UDP","HealthCheckEnabled":"true","HealthCheckIntervalSeconds":10,"HealthCheckPath":"/metrics","HealthCheckPort":"8000","HealthCheckProtocol":"HTTP","HealthCheckTimeoutSeconds":6,"HealthyThresholdCount":2,"UnhealthyThresholdCount":2,"TargetType":"instance","VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"Targets":[]}},"AktoTrafficMirroringListener":{"Type":"AWS::ElasticLoadBalancingV2::Listener","Properties":{"LoadBalancerArn":{"Ref":"AktoNLB"},"Port":"4789","Protocol":"UDP","DefaultActions":[{"Type":"forward","TargetGroupArn":{"Ref":"AktoTrafficMirroringTargetGroup"}}]}},"AktoKafkaTargetGroup":{"Type":"AWS::ElasticLoadBalancingV2::TargetGroup","Properties":{"Port":"9092","Protocol":"TCP","TargetType":"instance","HealthCheckEnabled":"true","HealthCheckIntervalSeconds":10,"HealthCheckPath":"/metrics","HealthCheckPort":"8000","HealthCheckProtocol":"HTTP","HealthCheckTimeoutSeconds":6,"HealthyThresholdCount":2,"UnhealthyThresholdCount":2,"VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"Targets":[]}},"AktoKafkaListener":{"Type":"AWS::ElasticLoadBalancingV2::Listener","Properties":{"LoadBalancerArn":{"Ref":"AktoNLB"},"Port":"9092","Protocol":"TCP","DefaultActions":[{"Type":"forward","TargetGroupArn":{"Ref":"AktoKafkaTargetGroup"}}]}},"DashboardInstanceRefreshHandler":{"Type":"AWS::Lambda::Function","Properties":{"Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["InstanceRefreshHandlerLambdaRole","Arn"]},"Code":{"ZipFile":"var aws = require('aws-sdk'); var autoscaling = new aws.AutoScaling(); exports.handler = function(event, context) {\n  var params = {\n    AutoScalingGroupName: 'AktoDashboardAutoScalingGroup', \n    Preferences: {\n      InstanceWarmup: 200, \n      MinHealthyPercentage: 0\n    }\n  };\n  \n  autoscaling.startInstanceRefresh(params, function(err, data) {\n    if(err) { console.log(err) }\n    else { console.log(data) }\n  })\n};\n"}}},"TrafficMirroringInstanceRefreshHandler":{"Type":"AWS::Lambda::Function","Properties":{"Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["InstanceRefreshHandlerLambdaRole","Arn"]},"Code":{"ZipFile":"var aws = require('aws-sdk'); var autoscaling = new aws.AutoScaling(); exports.handler = function(event, context) {\n  var params = {\n    AutoScalingGroupName: 'AktoAutoScalingGroup', \n    Preferences: {\n      InstanceWarmup: 200, \n      MinHealthyPercentage: 0\n    }\n  };\n  \n  autoscaling.startInstanceRefresh(params, function(err, data) {\n    if(err) { console.log(err) }\n    else { console.log(data) }\n  })\n};\n"}}},"InstanceRefreshHandlerLambdaRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["lambda.amazonaws.com"]},"Action":["sts:AssumeRole"]}]},"Path":"/service-role/","Policies":[{"PolicyName":"lambdaExecution-DashboardInstanceRefreshHandler","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["logs:CreateLogGroup"],"Resource":"*"},{"Effect":"Allow","Action":["logs:CreateLogStream","logs:PutLogEvents"],"Resource":"*"},{"Effect":"Allow","Action":["autoscaling:StartInstanceRefresh","autoscaling:Describe*","autoscaling:UpdateAutoScalingGroup","ec2:CreateLaunchTemplateVersion","ec2:DescribeLaunchTemplates","ec2:RunInstances"],"Resource":"*"}]}}]}}},"Outputs":{"AktoNLB":{"Value":{"Ref":"AktoNLB"},"Description":"Arn of Akto Network Load Balancer"}}}
\ No newline at end of file
+{"AWSTemplateFormatVersion":"2010-09-09","Description":"This template does a simple setup for all Akto modules. It sets up all modules on a single instance. If you want a scalable and flexible setup, please contact support@akto.io.","Parameters":{"SubnetId":{"Type":"AWS::EC2::Subnet::Id"},"KeyPair":{"Type":"AWS::EC2::KeyPair::KeyName"},"SourceLBs":{"Type":"CommaDelimitedList"},"MongoIp":{"Type":"String"}},"Mappings":{"RegionMap":{"af-south-1":{"AMI":"ami-0adee70ff4394e3d5"},"eu-north-1":{"AMI":"ami-04e8b0e36ed3403dc"},"ap-south-1":{"AMI":"ami-09de362f44ba0a166"},"eu-west-3":{"AMI":"ami-0614433a16ab15878"},"eu-west-2":{"AMI":"ami-030770b178fa9d374"},"eu-south-1":{"AMI":"ami-0432f14b68c3e0273"},"eu-west-1":{"AMI":"ami-0bba0a4cb75835f71"},"ap-northeast-3":{"AMI":"ami-0253beba286f3e848"},"ap-northeast-2":{"AMI":"ami-0e1d09d8b7c751816"},"me-south-1":{"AMI":"ami-07a68e42e669daed0"},"ap-northeast-1":{"AMI":"ami-06ce6680729711877"},"sa-east-1":{"AMI":"ami-0656df2cc0dfd150a"},"ca-central-1":{"AMI":"ami-04c12937e87474def"},"ap-east-1":{"AMI":"ami-0b751f901b93720a5"},"ap-southeast-1":{"AMI":"ami-0adf622550366ea53"},"ap-southeast-2":{"AMI":"ami-03b836d87d294e89e"},"eu-central-1":{"AMI":"ami-094c442a8e9a67935"},"ap-southeast-3":{"AMI":"ami-0483d92a8124da6c9"},"us-east-1":{"AMI":"ami-065efef2c739d613b"},"us-east-2":{"AMI":"ami-07251f912d2a831a3"},"us-west-1":{"AMI":"ami-09b2f6d85764ec71b"},"us-west-2":{"AMI":"ami-0d08ef957f0e4722b"}}},"Resources":{"TrafficMirrorTarget":{"Type":"AWS::EC2::TrafficMirrorTarget","Properties":{"Description":"Traffic Mirror target set to network interface of Akto EC2 instance","Tags":[{"Key":"Name","Value":{"Fn::Join":["",[{"Ref":"AWS::StackName"},"-","Target"]]}},{"Key":"Deployment","Value":"Akto-CloudFormation"}],"NetworkLoadBalancerArn":{"Ref":"AktoNLB"}}},"LBTrafficMirrorFilter":{"Type":"AWS::EC2::TrafficMirrorFilter","Properties":{"Description":"Traffic mirror filter for LBs and Target Groups","NetworkServices":["amazon-dns"],"Tags":[{"Key":"Name","Value":{"Fn::Join":["",[{"Ref":"AWS::StackName"},"-","Filter"]]}},{"Key":"Deployment","Value":"Akto-CloudFormation"}]}},"LambdaLogGroup":{"Type":"AWS::Logs::LogGroup","Properties":{"LogGroupName":{"Fn::Sub":"/aws/lambda/${CreateMirrorSession}"},"RetentionInDays":7}},"LambdaBasicExecutionRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Path":"/","Policies":[{"PolicyName":"LBCreateTrafficMirrorSession","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeNetworkInterfaces","ec2:DescribeTrafficMirrorSessions","ec2:DescribeInstances","ec2:DescribeVpcs","elasticloadbalancing:DescribeLoadBalancers","elasticloadbalancing:DescribeTargetGroups","elasticloadbalancing:DescribeTargetHealth","ec2:DescribeTrafficMirrorFilters","ec2:DeleteTrafficMirrorFilterRule","ec2:CreateTrafficMirrorFilterRule","lambda:InvokeFunction"],"Resource":"*"},{"Effect":"Allow","Action":["ec2:CreateTrafficMirrorSession"],"Resource":["arn:aws:ec2:*:*:traffic-mirror-session/*","arn:aws:ec2:*:*:network-interface/*",{"Fn::Join":["",["arn:aws:ec2:*:*:traffic-mirror-target/",{"Ref":"TrafficMirrorTarget"}]]},{"Fn::Join":["",["arn:aws:ec2:*:*:traffic-mirror-filter/*"]]}]},{"Effect":"Allow","Action":["ec2:DeleteTrafficMirrorSession"],"Resource":["arn:aws:ec2:*:*:traffic-mirror-session/*"]}]}}]}},"GetAktoSetupDetailsLambdaBasicExecutionRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Path":"/","Policies":[{"PolicyName":"GetAktoSetupDetailsExecuteLambda","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeNetworkInterfaces","ec2:DescribeTrafficMirrorSessions","ec2:DescribeInstances","ec2:DescribeVpcs","elasticloadbalancing:DescribeLoadBalancers","elasticloadbalancing:DescribeTargetGroups","elasticloadbalancing:DescribeTargetHealth"],"Resource":"*"}]}}]}},"LambdaLogPermissions":{"Type":"AWS::IAM::Policy","Properties":{"Roles":[{"Ref":"LambdaBasicExecutionRole"}],"PolicyName":{"Fn::Sub":"${AWS::Region}-LambdaLogGroup"},"PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["logs:CreateLogStream","logs:PutLogEvents"],"Resource":[{"Fn::Sub":"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${CreateMirrorSession}"},{"Fn::Sub":"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${CreateMirrorSession}:*"},{"Fn::Sub":"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${CreateMirrorSession}:*:*"}]}]}}},"GetAktoSetupDetails":{"Type":"AWS::Lambda::Function","Properties":{"Runtime":"nodejs12.x","Timeout":60,"Role":{"Fn::GetAtt":["GetAktoSetupDetailsLambdaBasicExecutionRole","Arn"]},"Handler":"index.handler","Environment":{"Variables":{"TARGET_LB":{"Ref":"AktoNLB"}}},"Code":{"S3Bucket":{"Fn::Sub":"akto-setup-${AWS::Region}"},"S3Key":"templates/get-akto-setup-details.zip"}}},"CustomSourceAktoSetupDetails":{"Type":"AWS::CloudFormation::CustomResource","Properties":{"ServiceToken":{"Fn::GetAtt":["GetAktoSetupDetails","Arn"]}}},"CreateMirrorSession":{"Type":"AWS::Lambda::Function","Properties":{"Runtime":"nodejs12.x","Timeout":300,"Role":{"Fn::GetAtt":["LambdaBasicExecutionRole","Arn"]},"Handler":"index.handler","Environment":{"Variables":{"ELB_NAMES":{"Fn::Join":[",",{"Ref":"SourceLBs"}]},"TRAFFIC_MIRROR_FILTER_ID":{"Ref":"LBTrafficMirrorFilter"},"TRAFFIC_MIRROR_TARGET_ID":{"Ref":"TrafficMirrorTarget"},"TARGET_LB":{"Ref":"AktoNLB"},"SAVE_COLLECTION_NAMES_LAMBDA_ARN":{"Fn::GetAtt":["SaveCollectionNames","Arn"]}}},"Code":{"S3Bucket":{"Fn::Sub":"akto-setup-${AWS::Region}"},"S3Key":"templates/create-mirror-session.zip"},"Description":"Auto create mirroring configuration","TracingConfig":{"Mode":"Active"}}},"PeriodicEventRule":{"Type":"AWS::Events::Rule","Properties":{"Description":"Generate an event periodically","Name":{"Fn::Join":["",[{"Ref":"AWS::StackName"},"-","PeriodicRule"]]},"ScheduleExpression":"rate(15 minutes)","State":"ENABLED","Targets":[{"Arn":{"Fn::GetAtt":["CreateMirrorSession","Arn"]},"Id":{"Ref":"CreateMirrorSession"}}]}},"PeriodicEventPermission":{"Type":"AWS::Lambda::Permission","Properties":{"FunctionName":{"Fn::GetAtt":["CreateMirrorSession","Arn"]},"Action":"lambda:InvokeFunction","Principal":"events.amazonaws.com","SourceAccount":{"Ref":"AWS::AccountId"},"SourceArn":{"Fn::GetAtt":["PeriodicEventRule","Arn"]}}},"LambdaVPCAccessRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Path":"/","Policies":[{"PolicyName":"LambdaBasicAccessVPCPolicy","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeNetworkInterfaces","ec2:DescribeInstances","ec2:CreateNetworkInterface","ec2:DeleteNetworkInterface","ec2:AttachNetworkInterface"],"Resource":"*"}]}}]}},"LambdaSecurityGroupVPC":{"Type":"AWS::EC2::SecurityGroup","Properties":{"VpcId":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","VpcId"]},"GroupDescription":"Security group is required to create a lambda inside a VPC","SecurityGroupEgress":[{"IpProtocol":"tcp","FromPort":9092,"ToPort":9092,"CidrIp":"0.0.0.0/0"}]}},"SaveCollectionNames":{"Type":"AWS::Lambda::Function","Properties":{"Runtime":"nodejs12.x","Timeout":60,"Role":{"Fn::GetAtt":["LambdaVPCAccessRole","Arn"]},"Handler":"nodejs/index.handler","VpcConfig":{"SecurityGroupIds":[{"Fn::GetAtt":["LambdaSecurityGroupVPC","GroupId"]}],"SubnetIds":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","SubnetId"]}},"Environment":{"Variables":{"PRIVATE_IP":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","kafkaIp"]},"SUCCESS_ENIS":{"Fn::GetAtt":["CustomSourceAktoSetupDetails","successEnis"]}}},"Code":{"S3Bucket":{"Fn::Sub":"akto-setup-${AWS::Region}"},"S3Key":"templates/mirroring-collections-split.zip"},"Description":"Send collection name to id mapping to Akto modules","TracingConfig":{"Mode":"Active"}}},"GetVpcDetailsLambdaRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["lambda.amazonaws.com"]},"Action":["sts:AssumeRole"]}]},"Path":"/","Policies":[{"PolicyName":"DescribeAssetsPolicy","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeVpcs","ec2:DescribeSubnets"],"Resource":"*"}]}}]}},"GetVpcDetailsLambda":{"Type":"AWS::Lambda::Function","Properties":{"Description":"Look up info from a VPC","Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["GetVpcDetailsLambdaRole","Arn"]},"Environment":{"Variables":{"SUBNET_ID":{"Ref":"SubnetId"}}},"Code":{"ZipFile":"var SUBNET_ID = process.env.SUBNET_ID; var aws = require('aws-sdk'); var response = require('cfn-response'); var ec2 = new aws.EC2(); exports.handler = async function(event, context) {\n    if (event.RequestType == 'Delete') {\n       await response.send(event, context, 'SUCCESS');\n       return;\n    }\n    var params = {\n       SubnetIds: [SUBNET_ID] \n    };\n    var subnets = await ec2.describeSubnets(params).promise().catch(err => {\n       console.error(err);\n    });\n    var vpcId = subnets['Subnets'][0]['VpcId'];\n    var vpcs = await ec2.describeVpcs({VpcIds: [vpcId]}).promise().catch(err => {\n       console.error(err);\n    });\n    await response.send(event, context, 'SUCCESS', {CidrBlock: vpcs['Vpcs'][0]['CidrBlock'], VpcId: vpcId})\n};\n"}}},"CustomSourceGetVpcDetails":{"Type":"AWS::CloudFormation::CustomResource","Properties":{"ServiceToken":{"Fn::GetAtt":["GetVpcDetailsLambda","Arn"]}}},"IamInstanceProfile":{"Type":"AWS::IAM::InstanceProfile","Properties":{"Path":"/","Roles":[{"Ref":"RefreshHandlerLambdaBasicExecutionRole"}]}},"AktoContextAnalyzerSecurityGroup":{"Type":"AWS::EC2::SecurityGroup","Properties":{"VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"GroupDescription":"Enable the ports Akto requires (22, 9092)","SecurityGroupIngress":[{"IpProtocol":"tcp","FromPort":22,"ToPort":22,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"tcp","FromPort":9092,"ToPort":9092,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}}],"SecurityGroupEgress":[]}},"AktoContextAnalyzerASGLaunchConfiguration":{"Type":"AWS::AutoScaling::LaunchConfiguration","Properties":{"ImageId":{"Fn::FindInMap":["RegionMap",{"Ref":"AWS::Region"},"AMI"]},"InstanceType":"m5a.xlarge","KeyName":{"Ref":"KeyPair"},"AssociatePublicIpAddress":"false","SecurityGroups":[{"Ref":"AktoContextAnalyzerSecurityGroup"}],"BlockDeviceMappings":[{"DeviceName":"/dev/xvda","Ebs":{"VolumeType":"gp2","DeleteOnTermination":"true","VolumeSize":"50","Encrypted":true}}],"MetadataOptions":{"HttpTokens":"required"},"UserData":{"Fn::Base64":{"Fn::Join":["\n",["#!/bin/bash -xe",{"Fn::Sub":"export AKTO_MONGO_CONN='${MongoIp}'"},"touch /tmp/hello.txt","touch ~/hello.txt","sudo yum update -y","sudo yum install -y python python-setuptools","sudo yum install -y docker","sudo dockerd&","sudo mkdir -p /opt/aws/bin","export COMPOSE_FILE=docker-compose-context-analyser.yml","sudo wget https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz","sudo python -m easy_install --script-dir /opt/aws/bin aws-cfn-bootstrap-latest.tar.gz","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto' > cf-deploy-akto","sudo chmod 700 cf-deploy-akto","./cf-deploy-akto < <(echo 'test')","sudo echo >> ~/akto/infra/docker-context-analyser.env","sudo echo AKTO_MONGO_CONN=$AKTO_MONGO_CONN >> ~/akto/infra/docker-context-analyser.env","export TOKEN=$(curl -X PUT 'http://169.254.169.254/latest/api/token' -H 'X-aws-ec2-metadata-token-ttl-seconds: 600')",{"Fn::Join":[":",["export AKTO_CURRENT_INSTANCE_IP=$(curl -H \"X-aws-ec2-metadata-token","$TOKEN\" -v http://169.254.169.254/latest/meta-data/local-ipv4)"]]},"echo AKTO_CURRENT_INSTANCE_IP=$AKTO_CURRENT_INSTANCE_IP >>  ~/akto/infra/docker-context-analyser.env","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto-start' > cf-deploy-akto-start","sudo chmod 700 cf-deploy-akto-start","./cf-deploy-akto-start < <(echo 'test')"]]}}}},"AktoContextAnalyzerAutoScalingGroup":{"Type":"AWS::AutoScaling::AutoScalingGroup","Properties":{"LaunchConfigurationName":{"Ref":"AktoContextAnalyzerASGLaunchConfiguration"},"VPCZoneIdentifier":[{"Ref":"SubnetId"}],"MaxSize":"1","MinSize":"1"}},"AktoContextAnalyzerInstanceRefreshHandler":{"Type":"AWS::Lambda::Function","Properties":{"Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["InstanceRefreshHandlerLambdaRole","Arn"]},"Code":{"ZipFile":"var aws = require('aws-sdk'); var autoscaling = new aws.AutoScaling(); exports.handler = function(event, context) {\n  var params = {\n    AutoScalingGroupName: 'AktoContextAnalyzerAutoScalingGroup', \n    Preferences: {\n      InstanceWarmup: 200, \n      MinHealthyPercentage: 0\n    }\n  };\n  \n  autoscaling.startInstanceRefresh(params, function(err, data) {\n    if(err) { console.log(err) }\n    else { console.log(data) }\n  })\n};      \n"}}},"RefreshHandlerLambdaBasicExecutionRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]},"Policies":[{"PolicyName":"InvokeLambdaPolicy","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Resource":[{"Fn::GetAtt":["DashboardInstanceRefreshHandler","Arn"]},{"Fn::GetAtt":["TrafficMirroringInstanceRefreshHandler","Arn"]},{"Fn::GetAtt":["AktoContextAnalyzerInstanceRefreshHandler","Arn"]}],"Action":"lambda:InvokeFunction"}]}}]}},"AktoSecurityGroup":{"Type":"AWS::EC2::SecurityGroup","Properties":{"VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"GroupDescription":"Enable the ports Akto requires (22, 4789, 8000, 9092)","SecurityGroupIngress":[{"IpProtocol":"tcp","FromPort":22,"ToPort":22,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"tcp","FromPort":9092,"ToPort":9092,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"udp","FromPort":4789,"ToPort":4789,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}},{"IpProtocol":"tcp","FromPort":8000,"ToPort":8000,"CidrIp":{"Fn::GetAtt":["CustomSourceGetVpcDetails","CidrBlock"]}}],"SecurityGroupEgress":[]}},"AktoASGLaunchConfiguration":{"Type":"AWS::AutoScaling::LaunchConfiguration","DependsOn":["AktoNLB"],"Properties":{"ImageId":{"Fn::FindInMap":["RegionMap",{"Ref":"AWS::Region"},"AMI"]},"InstanceType":"m5a.xlarge","KeyName":{"Ref":"KeyPair"},"AssociatePublicIpAddress":"false","IamInstanceProfile":{"Ref":"IamInstanceProfile"},"SecurityGroups":[{"Ref":"AktoSecurityGroup"}],"BlockDeviceMappings":[{"DeviceName":"/dev/xvda","Ebs":{"VolumeType":"gp2","DeleteOnTermination":"true","VolumeSize":"50","Encrypted":true}}],"MetadataOptions":{"HttpTokens":"required"},"UserData":{"Fn::Base64":{"Fn::Join":["\n",["#!/bin/bash -xe",{"Fn::Sub":"export AKTO_MONGO_CONN='${MongoIp}'"},{"Fn::Sub":"export AKTO_KAFKA_IP='${AktoNLB.DNSName}'"},"touch /tmp/hello.txt","touch ~/hello.txt","sudo yum update -y","sudo yum install -y python python-setuptools","sudo yum install -y docker","sudo dockerd&","sudo mkdir -p /opt/aws/bin","export COMPOSE_FILE=docker-compose-runtime.yml","sudo wget https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz","sudo python -m easy_install --script-dir /opt/aws/bin aws-cfn-bootstrap-latest.tar.gz","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto' > cf-deploy-akto","sudo chmod 700 cf-deploy-akto","./cf-deploy-akto < <(echo 'test')","sudo echo >> ~/akto/infra/docker-runtime.env","sudo echo AKTO_MONGO_CONN=$AKTO_MONGO_CONN >> ~/akto/infra/docker-runtime.env","sudo echo AKTO_KAFKA_IP=$AKTO_KAFKA_IP >> ~/akto/infra/.env","curl -fsSL 'https://raw.githubusercontent.com/akto-api-security/infra/feature/segregation_2/cf-deploy-akto-start' > cf-deploy-akto-start","sudo chmod 700 cf-deploy-akto-start","./cf-deploy-akto-start < <(echo 'test')"]]}}}},"AktoAutoScalingGroup":{"Type":"AWS::AutoScaling::AutoScalingGroup","Properties":{"LaunchConfigurationName":{"Ref":"AktoASGLaunchConfiguration"},"VPCZoneIdentifier":[{"Ref":"SubnetId"}],"TargetGroupARNs":[{"Ref":"AktoTrafficMirroringTargetGroup"},{"Ref":"AktoKafkaTargetGroup"}],"MaxSize":"10","MinSize":"1"}},"AktoTargetTrackingNetworkPolicy":{"Type":"AWS::AutoScaling::ScalingPolicy","Properties":{"PolicyType":"TargetTrackingScaling","AutoScalingGroupName":{"Ref":"AktoAutoScalingGroup"},"EstimatedInstanceWarmup":30,"TargetTrackingConfiguration":{"PredefinedMetricSpecification":{"PredefinedMetricType":"ASGAverageNetworkIn"},"TargetValue":200000000}}},"AktoNLB":{"Type":"AWS::ElasticLoadBalancingV2::LoadBalancer","Properties":{"Type":"network","Scheme":"internal","IpAddressType":"ipv4","Subnets":[{"Ref":"SubnetId"}],"LoadBalancerAttributes":[{"Key":"load_balancing.cross_zone.enabled","Value":"true"}]}},"AktoTrafficMirroringTargetGroup":{"Type":"AWS::ElasticLoadBalancingV2::TargetGroup","Properties":{"Port":"4789","Protocol":"UDP","HealthCheckEnabled":"true","HealthCheckIntervalSeconds":10,"HealthCheckPath":"/metrics","HealthCheckPort":"8000","HealthCheckProtocol":"HTTP","HealthCheckTimeoutSeconds":6,"HealthyThresholdCount":2,"UnhealthyThresholdCount":2,"TargetType":"instance","VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"Targets":[]}},"AktoTrafficMirroringListener":{"Type":"AWS::ElasticLoadBalancingV2::Listener","Properties":{"LoadBalancerArn":{"Ref":"AktoNLB"},"Port":"4789","Protocol":"UDP","DefaultActions":[{"Type":"forward","TargetGroupArn":{"Ref":"AktoTrafficMirroringTargetGroup"}}]}},"AktoKafkaTargetGroup":{"Type":"AWS::ElasticLoadBalancingV2::TargetGroup","Properties":{"Port":"9092","Protocol":"TCP","TargetType":"instance","HealthCheckEnabled":"true","HealthCheckIntervalSeconds":10,"HealthCheckPath":"/metrics","HealthCheckPort":"8000","HealthCheckProtocol":"HTTP","HealthCheckTimeoutSeconds":6,"HealthyThresholdCount":2,"UnhealthyThresholdCount":2,"VpcId":{"Fn::GetAtt":["CustomSourceGetVpcDetails","VpcId"]},"Targets":[]}},"AktoKafkaListener":{"Type":"AWS::ElasticLoadBalancingV2::Listener","Properties":{"LoadBalancerArn":{"Ref":"AktoNLB"},"Port":"9092","Protocol":"TCP","DefaultActions":[{"Type":"forward","TargetGroupArn":{"Ref":"AktoKafkaTargetGroup"}}]}},"DashboardInstanceRefreshHandler":{"Type":"AWS::Lambda::Function","Properties":{"Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["InstanceRefreshHandlerLambdaRole","Arn"]},"Code":{"ZipFile":"var aws = require('aws-sdk'); var autoscaling = new aws.AutoScaling(); exports.handler = function(event, context) {\n  var params = {\n    AutoScalingGroupName: 'AktoDashboardAutoScalingGroup', \n    Preferences: {\n      InstanceWarmup: 200, \n      MinHealthyPercentage: 0\n    }\n  };\n  \n  autoscaling.startInstanceRefresh(params, function(err, data) {\n    if(err) { console.log(err) }\n    else { console.log(data) }\n  })\n};\n"}}},"TrafficMirroringInstanceRefreshHandler":{"Type":"AWS::Lambda::Function","Properties":{"Handler":"index.handler","Runtime":"nodejs12.x","Timeout":30,"Role":{"Fn::GetAtt":["InstanceRefreshHandlerLambdaRole","Arn"]},"Code":{"ZipFile":"var aws = require('aws-sdk'); var autoscaling = new aws.AutoScaling(); exports.handler = function(event, context) {\n  var params = {\n    AutoScalingGroupName: 'AktoAutoScalingGroup', \n    Preferences: {\n      InstanceWarmup: 200, \n      MinHealthyPercentage: 0\n    }\n  };\n  \n  autoscaling.startInstanceRefresh(params, function(err, data) {\n    if(err) { console.log(err) }\n    else { console.log(data) }\n  })\n};\n"}}},"InstanceRefreshHandlerLambdaRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["lambda.amazonaws.com"]},"Action":["sts:AssumeRole"]}]},"Path":"/service-role/","Policies":[{"PolicyName":"lambdaExecution-DashboardInstanceRefreshHandler","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["logs:CreateLogGroup"],"Resource":"*"},{"Effect":"Allow","Action":["logs:CreateLogStream","logs:PutLogEvents"],"Resource":"*"},{"Effect":"Allow","Action":["autoscaling:StartInstanceRefresh","autoscaling:Describe*","autoscaling:UpdateAutoScalingGroup","ec2:CreateLaunchTemplateVersion","ec2:DescribeLaunchTemplates","ec2:RunInstances"],"Resource":"*"}]}}]}}},"Outputs":{"AktoNLB":{"Value":{"Ref":"AktoNLB"},"Description":"Arn of Akto Network Load Balancer"}}}
\ No newline at end of file
diff --git a/apps/dashboard/web/src/apps/dashboard/layouts/LayoutWithTabs.vue b/apps/dashboard/web/src/apps/dashboard/layouts/LayoutWithTabs.vue
index 2ed10ec395..e7b1018d93 100644
--- a/apps/dashboard/web/src/apps/dashboard/layouts/LayoutWithTabs.vue
+++ b/apps/dashboard/web/src/apps/dashboard/layouts/LayoutWithTabs.vue
@@ -57,11 +57,12 @@
             tabs: obj.arrR,
             description: obj.strN,
             defaultTabName: obj.strN,
-            tabsContent: obj.objN
+            tabsContent: obj.objN,
+            tab: obj.strN
         },
         data () {
             return {
-                tabName: null
+                tabName: parseInt(this.tab) || null
             }
         },
         methods: {
diff --git a/apps/dashboard/web/src/apps/dashboard/views/observe/inventory/components/TestsSelector.vue b/apps/dashboard/web/src/apps/dashboard/views/observe/inventory/components/TestsSelector.vue
index 1454385de6..c15a5f8d43 100644
--- a/apps/dashboard/web/src/apps/dashboard/views/observe/inventory/components/TestsSelector.vue
+++ b/apps/dashboard/web/src/apps/dashboard/views/observe/inventory/components/TestsSelector.vue
@@ -2,7 +2,11 @@
     <spinner v-if="loading"/>
     <a-card  v-else title="Configure test" icon="$fas_cog" class="tests-selector-container">
         <div class="mx-8 my-4">
-            <div class="d-flex">
+            <div v-if="!authPresent">
+                Please set an authentication mechanism <a target="_blank" class="clickable-link" href="/dashboard/testing/active?tab=1">here</a> before you test any APIs.
+            </div>
+            <div :class="disableLinkClass">
+            <div class="d-flex" >
                 <div class="name-div">Name: </div>
                 <name-input :defaultName="collectionName" :defaultSuffixes="nameSuffixes" @changed="setTestName" />
             </div>
@@ -58,7 +62,7 @@
             </div>
 
             <schedule-box @schedule="emitTestSelection" class="mt-2"/>
-
+            </div>
         </div>
     </a-card>
 </template>
@@ -67,6 +71,7 @@
 
 import marketplaceApi from '../../../marketplace/api'
 import issuesApi from '../../../issues/api'
+import testingApi from '../../../testing/api'
 import Spinner from '@/apps/dashboard/shared/components/Spinner'
 import ScheduleBox from '@/apps/dashboard/shared/components/ScheduleBox'
 import func from '@/util/func'
@@ -96,7 +101,9 @@ export default {
             startTimestamp: func.timeNow(),
             selectedCategory: null,
             globalCheckbox: false,
-            testName: ""
+            testName: "",
+            authPresent: false,
+            disableLinkClass: 'disable-div'
         }
     },
     mounted() {
@@ -111,7 +118,12 @@ export default {
                 _this.mapCategoryToSubcategory = _this.populateMapCategoryToSubcategory()
             })
         })
-        
+        testingApi.fetchAuthMechanismData().then(resp => {
+            if(resp.authMechanism){
+                this.authPresent = true;
+                this.disableLinkClass = ''
+            }
+        })
         
     },
     methods: {
@@ -246,4 +258,11 @@ export default {
     margin: auto 8px auto 0
     font-size: 14px
     font-weight: 500
+
+.clickable-link
+    color: #6200ea !important
+
+.disable-div
+    pointer-events: none
+    opacity: 0.4
 </style>
\ No newline at end of file
diff --git a/apps/dashboard/web/src/apps/dashboard/views/testing/PageTesting.vue b/apps/dashboard/web/src/apps/dashboard/views/testing/PageTesting.vue
index d05bae22da..975b68ff52 100644
--- a/apps/dashboard/web/src/apps/dashboard/views/testing/PageTesting.vue
+++ b/apps/dashboard/web/src/apps/dashboard/views/testing/PageTesting.vue
@@ -1,5 +1,5 @@
 <template>
-    <layout-with-tabs title="API Testing" class="page-testing" :tabs='["Test results", "User config", "Roles"]'>
+    <layout-with-tabs title="API Testing" class="page-testing" :tabs='["Test results", "User config", "Roles"]' :tab="tab">
         <template slot="Test results">
             <div class="py-8">
                 <div>
@@ -40,7 +40,7 @@
                             <p> 1 </p>
                         </div>
                         <div>
-                            <h3> Inject hard-coded auth token </h3>
+                            <h3> Inject hard-coded attacker auth token </h3>
                         </div>
                     </div>
                     <!-- <div>
@@ -83,7 +83,7 @@
                         </div>
                         
                         <div>
-                            <h3> Automate auth token generation </h3>
+                            <h3> Automate attacker auth token generation </h3>
                         </div>
                     </div>
                     
@@ -153,6 +153,7 @@ import ApiCollectionGroup from '@/apps/dashboard/shared/components/menus/ApiColl
 import LoginStepBuilder from './components/token/LoginStepBuilder'
 import TokenAutomation from './components/token/TokenAutomation'
 import HelpTooltip from '@/apps/dashboard/shared/components/help/HelpTooltip'
+import obj from "@/util/obj";
 
 export default {
     name: "PageTesting",
@@ -172,7 +173,7 @@ export default {
         LogFetch
     },
     props: {
-
+        tab: obj.strN
     },
     data() {
         return {
diff --git a/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestResultsDialog.vue b/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestResultsDialog.vue
index 9d4726b010..acb6ee6c33 100644
--- a/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestResultsDialog.vue
+++ b/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestResultsDialog.vue
@@ -106,7 +106,15 @@
                             </div>
                             <div style="margin-left: 24px">
                                 <div class="d-flex jc-sb mr-3">
-                                    <span class="description-title mt-4">Test response matches {{ percentageMatch }}% with original API response</span>
+                                    <span class="description-title mt-4">
+                                        Test response matches {{ percentageMatch }}% with original API response
+
+                                        <v-chip v-if="isVulnerableAttempt" :style="{ 'height': '18px !important' }" class="ml-2 mr-2" color="rgba(255, 0, 0, 0.5)" text-color="#FFFFFF">
+                                            Vulnerable Attempt
+                                        </v-chip>
+                                    </span>
+                                    <span>
+                                    </span>
                                     <v-btn v-if="messagesBasic.length > 1" icon @click="nextClicked">
                                         <v-icon>$fas_angle-double-right</v-icon>
                                     </v-btn>
@@ -232,7 +240,7 @@ export default {
             let testSubType = this.testingRunResult["testSubType"]
             let singleTypeInfos = this.testingRunResult["singleTypeInfos"]
             let highlightPaths = this.buildHighlightPaths(singleTypeInfos);
-            return this.testingRunResult["testResults"].map(x => { return { message: x.originalMessage, title: testSubType, highlightPaths: highlightPaths, errors: x.errors, percentageMatch: x.percentageMatch } })
+            return this.testingRunResult["testResults"].map(x => { return { message: x.originalMessage, title: testSubType, highlightPaths: highlightPaths, errors: x.errors, percentageMatch: x.percentageMatch, vulnerable: x.vulnerable } })
         },
         jsonBasic: function () {
             if (this.testingRunResult == null) return null
@@ -254,6 +262,11 @@ export default {
                 return null
             }
         },
+        isVulnerableAttempt: function () {
+            if (this.testingRunResult == null) return null
+            let currentMessage = this.messagesAdvance[this.currentIndex]
+            return currentMessage ? currentMessage["vulnerable"] : null
+        },
         jsonAdvance: function () {
             if (this.testingRunResult == null) return null
             let currentMessage = this.messagesAdvance[this.currentIndex]
diff --git a/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestingRunResults.vue b/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestingRunResults.vue
index 225c493702..9087ea2eda 100644
--- a/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestingRunResults.vue
+++ b/apps/dashboard/web/src/apps/dashboard/views/testing/components/TestingRunResults.vue
@@ -25,8 +25,19 @@
                 @dateClicked=dateClicked
             />     
             <div class="testing-results-header" v-if="currentTest">
-                <span>Test results: </span>    
-                <span>{{selectedDateStr()}}</span>
+                <div>
+                    <span>Test results: </span>    
+                    <span>{{selectedDateStr()}}</span>
+                </div>
+                <div style="display: flex; text-transform: capitalize;">
+                    <div v-if="this.currentTest.state">Test status: {{this.currentTest.state.toLowerCase()}}</div>
+                    <div v-if="this.currentTest.state === 'SCHEDULED' || this.currentTest.state === 'RUNNING' " style="padding-left: 6px; padding-top: 4px;">
+                        <v-progress-circular indeterminate color="primary" :size="12" :width="1.5"></v-progress-circular>
+                    </div>
+                    <span v-if="this.currentTest.state === 'COMPLETED'" style="padding-top: 4px;">
+                        <v-icon color="green" :size="14">$fas_check-circle</v-icon>
+                    </span>
+                </div>
             </div>                  
             <simple-table
                 :headers="testingRunResultsHeaders" 
@@ -354,4 +365,7 @@ export default {
     font-size: 14px        
     font-weight: 500
     color: #47466A80
+    display: flex
+    justify-content: space-between
+    padding-right: 24px
 </style>
\ No newline at end of file
diff --git a/apps/dashboard/web/src/apps/main/router/index.js b/apps/dashboard/web/src/apps/main/router/index.js
index 237af87299..bfc1caf3ec 100644
--- a/apps/dashboard/web/src/apps/main/router/index.js
+++ b/apps/dashboard/web/src/apps/main/router/index.js
@@ -70,6 +70,11 @@ const router =  new Router({
                     components: {
                         default: PageTesting
                     },
+                    props: {
+                        default: route => ({
+                            tab: route.query.tab
+                        })
+                    },
                     children: [
                         {
                             path: 'active',
diff --git a/apps/dashboard/web/src/util/func.js b/apps/dashboard/web/src/util/func.js
index 90b2286ae2..a5afbac1d4 100644
--- a/apps/dashboard/web/src/util/func.js
+++ b/apps/dashboard/web/src/util/func.js
@@ -147,7 +147,7 @@ export default {
         var d = date.getDate();
         var m = strArray[date.getMonth()];
         var y = date.getFullYear();
-        return m + ' ' + d + ', ' + (needYear ? y: '' ) + ' ' + date.toISOString().substr(11,5)
+        return m + ' ' + d + ', ' + (needYear ? y: '' ) + ' ' + date.toTimeString().substr(0, 5)
     },
     toDateStrShort(date) {
         var d = "" + date.getDate();
diff --git a/apps/testing/src/main/java/com/akto/rules/FuzzingTest.java b/apps/testing/src/main/java/com/akto/rules/FuzzingTest.java
index a2690f1702..9988d3f04b 100644
--- a/apps/testing/src/main/java/com/akto/rules/FuzzingTest.java
+++ b/apps/testing/src/main/java/com/akto/rules/FuzzingTest.java
@@ -16,6 +16,7 @@
 import com.akto.utils.RedactSampleData;
 import com.google.common.io.Files;
 
+import kotlin.text.Charsets;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.yaml.snakeyaml.Yaml;
@@ -23,8 +24,11 @@
 import java.io.*;
 import java.net.URL;
 import java.net.URLConnection;
+import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 public class FuzzingTest extends TestPlugin {
 
@@ -34,16 +38,19 @@ public class FuzzingTest extends TestPlugin {
     private String tempTemplatePath;
     private final String subcategory;
     private String testSourceConfigCategory;
+    private final Map<String, Object> valuesMap;
 
     public static final int payloadLineLimit = 100;
 
-    public FuzzingTest(String testRunId, String testRunResultSummaryId, String origTemplatePath, String subcategory, String testSourceConfigCategory) {
+    public FuzzingTest(String testRunId, String testRunResultSummaryId, String origTemplatePath, String subcategory,
+                       String testSourceConfigCategory, Map<String, Object> valuesMap) {
         this.testRunId = testRunId;
         this.testRunResultSummaryId = testRunResultSummaryId;
         this.origTemplatePath = origTemplatePath;
         this.subcategory = subcategory;
         this.testSourceConfigCategory = testSourceConfigCategory;
         this.tempTemplatePath = null;
+        this.valuesMap = valuesMap;
     }
 
     public static File createDirPath(String filePath) {
@@ -78,11 +85,14 @@ public Result start(ApiInfo.ApiInfoKey apiInfoKey, TestingUtil testingUtil) {
             rawApi = messages.get(0);
         }
 
-        List<TestResult> testResults = new ArrayList<>();
-        OriginalHttpRequest testRequest = rawApi.getRequest().copy();
+        return runNucleiTest(rawApi);
+    }
 
+    public Result runNucleiTest(RawApi rawApi) {
+        OriginalHttpRequest testRequest = rawApi.getRequest().copy();
         OriginalHttpResponse originalHttpResponse = rawApi.getResponse().copy();
-
+        String originalMessage = rawApi.getOriginalMessage();
+        List<TestResult> testResults = new ArrayList<>();
         ApiExecutionDetails apiExecutionDetails;
 
         String subDir = ""+testRequest.hashCode();
@@ -102,7 +112,7 @@ public Result start(ApiInfo.ApiInfoKey apiInfoKey, TestingUtil testingUtil) {
             FileUtils.copyURLToFile(new URL(this.origTemplatePath), new File(this.tempTemplatePath));
         } catch (IOException e1) {
             e1.printStackTrace();
-            return addWithRequestError( rawApi.getOriginalMessage(), TestResult.TestError.FAILED_DOWNLOADING_NUCLEI_TEMPLATE, testRequest, nucleiTestInfo);
+            return addWithRequestError( originalMessage, TestResult.TestError.FAILED_DOWNLOADING_NUCLEI_TEMPLATE, testRequest, nucleiTestInfo);
         }
 
         try {
@@ -114,24 +124,31 @@ public Result start(ApiInfo.ApiInfoKey apiInfoKey, TestingUtil testingUtil) {
 
         String fullUrlWithHost;
         try {
-             fullUrlWithHost = testRequest.getFullUrlIncludingDomain();
+            fullUrlWithHost = testRequest.getFullUrlIncludingDomain();
         } catch (Exception e) {
             loggerMaker.errorAndAddToDb("Error while getting full url including domain: " + e, LogDb.TESTING);
             return addWithRequestError( rawApi.getOriginalMessage(), TestResult.TestError.FAILED_BUILDING_URL_WITH_DOMAIN, testRequest, nucleiTestInfo);
         }
 
+        try {
+            replaceVariables(this.tempTemplatePath, valuesMap);
+        } catch (Exception e) {
+            loggerMaker.errorAndAddToDb("Error while replacing variables in nuclei file: " + e, LogDb.TESTING);
+            return addWithRequestError( originalMessage, TestResult.TestError.FAILED_BUILDING_URL_WITH_DOMAIN, testRequest, nucleiTestInfo);
+        }
+
         try {
             NucleiExecutor.NucleiResult nucleiResult = NucleiExecutor.execute(
-                testRequest.getMethod(), 
-                fullUrlWithHost,
-                this.tempTemplatePath,
-                outputDir, 
-                testRequest.getBody(), 
-                testRequest.getHeaders(),
-                pwd
+                    testRequest.getMethod(),
+                    fullUrlWithHost,
+                    this.tempTemplatePath,
+                    outputDir,
+                    testRequest.getBody(),
+                    testRequest.getHeaders(),
+                    pwd
             );
 
-            if (nucleiResult == null) return addWithoutRequestError(rawApi.getOriginalMessage(), TestResult.TestError.FAILED_BUILDING_NUCLEI_TEMPLATE);
+            if (nucleiResult == null) return addWithoutRequestError(originalMessage, TestResult.TestError.FAILED_BUILDING_NUCLEI_TEMPLATE);
 
             int totalCount = Math.min(Math.min(nucleiResult.attempts.size(), nucleiResult.metaData.size()), 100);
 
@@ -148,10 +165,10 @@ public Result start(ApiInfo.ApiInfoKey apiInfoKey, TestingUtil testingUtil) {
 
                 overallVulnerable = overallVulnerable || vulnerable;
 
-                apiExecutionDetails = new ApiExecutionDetails(statusCode, percentageMatch, testResponse, originalHttpResponse, rawApi.getOriginalMessage());
+                apiExecutionDetails = new ApiExecutionDetails(statusCode, percentageMatch, testResponse, originalHttpResponse, originalMessage);
 
                 TestResult testResult = buildTestResult(
-                    pair.getFirst(), apiExecutionDetails.testResponse, rawApi.getOriginalMessage(), apiExecutionDetails.percentageMatch, vulnerable, nucleiTestInfo
+                        pair.getFirst(), apiExecutionDetails.testResponse, originalMessage, apiExecutionDetails.percentageMatch, vulnerable, nucleiTestInfo
                 );
 
                 if (vulnerable) {
@@ -172,6 +189,61 @@ public Result start(ApiInfo.ApiInfoKey apiInfoKey, TestingUtil testingUtil) {
         return addTestSuccessResult(overallVulnerable, testResults, new ArrayList<>(), TestResult.Confidence.HIGH);
     }
 
+    public static void replaceVariables(String templatePath, Map<String, Object> valuesMap) throws Exception {
+        if (valuesMap == null || valuesMap.isEmpty()) return;
+
+        InputStream inputStream = java.nio.file.Files.newInputStream(new File(templatePath).toPath());
+        StringBuilder textBuilder = new StringBuilder();
+        try (Reader reader = new BufferedReader(new InputStreamReader
+                (inputStream, Charset.forName(StandardCharsets.UTF_8.name())))) {
+            int c = 0;
+            while ((c = reader.read()) != -1) {
+                textBuilder.append((char) c);
+            }
+        }
+
+        String templateString = textBuilder.toString();
+
+        String regex = "\\{\\{(.*?)\\}\\}"; // todo: integer inside brackets
+        Pattern p = Pattern.compile(regex);
+
+        // replace with values
+        Matcher matcher = p.matcher(templateString);
+        StringBuffer sb = new StringBuffer();
+        while (matcher.find()) {
+            String key = matcher.group(1);
+            if (key == null) continue;
+            if (!valuesMap.containsKey(key)) {
+                System.out.println("Missed: " + key);
+                continue;
+            }
+            Object obj = valuesMap.get(key);
+            if (obj == null) obj = "null";
+
+            String val = obj.toString();
+            if (true) { // todo remove
+                val = val.replace("\\", "\\\\")
+                        .replace("\t", "\\t")
+                        .replace("\b", "\\b")
+                        .replace("\n", "\\n")
+                        .replace("\r", "\\r")
+                        .replace("\f", "\\f")
+                        .replace("\'", "\\'")
+                        .replace("\"", "\\\"");
+            }
+            matcher.appendReplacement(sb, "");
+            sb.append(val);
+        }
+
+        matcher.appendTail(sb);
+
+        String finalTemplateString = sb.toString();
+
+
+        File file = new File(templatePath);
+        FileUtils.writeStringToFile(file, finalTemplateString, Charsets.UTF_8);
+    }
+
     public static void downloadLinks(String templatePath, String outputDir) throws IOException {
         List<String> urlsToDownload = new ArrayList<>();
         Yaml yaml = new Yaml();
diff --git a/apps/testing/src/main/java/com/akto/rules/OpenRedirectTest.java b/apps/testing/src/main/java/com/akto/rules/OpenRedirectTest.java
new file mode 100644
index 0000000000..17942d0c86
--- /dev/null
+++ b/apps/testing/src/main/java/com/akto/rules/OpenRedirectTest.java
@@ -0,0 +1,153 @@
+package com.akto.rules;
+
+import com.akto.dto.ApiInfo;
+import com.akto.dto.OriginalHttpRequest;
+import com.akto.dto.OriginalHttpResponse;
+import com.akto.dto.RawApi;
+import com.akto.dto.testing.TestResult;
+import com.akto.dto.type.RequestTemplate;
+import com.akto.log.LoggerMaker;
+import com.akto.store.SampleMessageStore;
+import com.akto.store.TestingUtil;
+import com.akto.util.JSONUtils;
+import com.akto.util.modifier.NestedObjectModifier;
+import com.akto.util.modifier.SetValueModifier;
+import com.mongodb.BasicDBObject;
+
+import java.util.*;
+
+public class OpenRedirectTest extends TestPlugin {
+
+    private final String testRunId;
+    private final String testRunResultSummaryId;
+
+    private final static String REDIRECT_KEYWORD = "{{redirect}}";
+    private final static String REDIRECT_KEYWORD_TEMP = "AKTOREDIRECT";
+
+
+    public OpenRedirectTest(String testRunId, String testRunResultSummaryId) {
+        this.testRunId = testRunId;
+        this.testRunResultSummaryId = testRunResultSummaryId;
+    }
+    @Override
+    public Result start(ApiInfo.ApiInfoKey apiInfoKey, TestingUtil testingUtil) {
+        List<RawApi> messages = SampleMessageStore.fetchAllOriginalMessages(apiInfoKey, testingUtil.getSampleMessages());
+        RawApi rawApi = null;
+        String location = null;
+
+        // todo: check if location doesn't come from request
+        boolean flag = false;
+
+        for (RawApi message: messages) {
+            if (message.getResponse().getStatusCode() != 302) continue;
+
+            rawApi = message.copy();
+            OriginalHttpRequest req = rawApi.getRequest();
+            OriginalHttpResponse resp = rawApi.getResponse();
+
+            // find original redirect location
+            location = resp.findHeaderValue("location");
+            if (location == null) {
+                rawApi = null;
+                continue;
+            }
+
+            // find if location is being passed in header
+            Map<String, List<String>> reqHeaders = req.getHeaders();
+            for (String key: reqHeaders.keySet()) {
+                List<String> values = reqHeaders.get(key);
+                if (values == null) values = new ArrayList<>();
+                for (int idx=0; idx<values.size(); idx++) {
+                    String v = values.get(idx);
+                    if (v.equalsIgnoreCase(location)) {
+                        flag = true;
+                        values.set(idx, REDIRECT_KEYWORD);
+                    }
+                }
+            }
+
+            // find if location is being passed in queryParams
+            String queryJson = OriginalHttpRequest.convertFormUrlEncodedToJson(req.getQueryParams());
+            BasicDBObject queryObj = BasicDBObject.parse(queryJson);
+            for (String key: queryObj.keySet()) {
+                Object valueObj = queryObj.get(key);
+                if (valueObj == null) continue;
+                String value = valueObj.toString();
+                if (value.equalsIgnoreCase(location)) {
+                    flag = true;
+                    queryObj.put(key, REDIRECT_KEYWORD_TEMP);
+                }
+            }
+            String modifiedQueryParamString = OriginalHttpRequest.getRawQueryFromJson(queryObj.toJson());
+            if (modifiedQueryParamString != null) {
+                modifiedQueryParamString = modifiedQueryParamString.replaceAll(REDIRECT_KEYWORD_TEMP, REDIRECT_KEYWORD);
+                req.setQueryParams(modifiedQueryParamString);
+            }
+
+            // find if location is being passed in request body
+            String jsonBody = req.getJsonRequestBody();
+            BasicDBObject payload = RequestTemplate.parseRequestPayload(jsonBody, null);
+            Map<String, Set<Object>> flattenedPayload = JSONUtils.flatten(payload);
+            Set<String> payloadKeysToFuzz = new HashSet<>();
+            for (String key: flattenedPayload.keySet()) {
+                Set<Object> values = flattenedPayload.get(key);
+                for (Object v: values) {
+                    if (v !=null && v.equals(location))  {
+                        flag = true;
+                        payloadKeysToFuzz.add(key);
+                    }
+                }
+            }
+
+            Map<String, Object> store = new HashMap<>();
+            for (String k: payloadKeysToFuzz) store.put(k, REDIRECT_KEYWORD);
+
+            String modifiedPayload = JSONUtils.modify(jsonBody, payloadKeysToFuzz, new SetValueModifier(store));
+            req.setBody(modifiedPayload);
+
+            if (flag) break;
+        }
+
+        if (rawApi == null) return null;
+
+        System.out.println("******************");
+        System.out.println(rawApi.getRequest().toString());
+        System.out.println("******************");
+
+
+        String origTemplatePath = "https://raw.githubusercontent.com/avneesh-akto/tests-library/temp/redirect_file/redirect_own.yaml";
+        String testSourceConfigCategory = "";
+
+        Map<String, Object> valuesMap = new HashMap<>();
+        valuesMap.put("Method", apiInfoKey.method);
+        String baseUrl;
+        try {
+            baseUrl = rawApi.getRequest().getFullUrlIncludingDomain();
+            baseUrl = OriginalHttpRequest.getFullUrlWithParams(baseUrl,rawApi.getRequest().getQueryParams());
+        } catch (Exception e) {
+            loggerMaker.errorAndAddToDb("Error while getting full url including domain: " + e, LoggerMaker.LogDb.TESTING);
+            return addWithRequestError( rawApi.getOriginalMessage(), TestResult.TestError.FAILED_BUILDING_URL_WITH_DOMAIN,rawApi.getRequest(), null);
+        }
+        valuesMap.put("BaseURL", baseUrl);
+        valuesMap.put("Body", rawApi.getRequest().getBody());
+        valuesMap.put("OriginalLocationUrl", location);
+        FuzzingTest fuzzingTest = new FuzzingTest(
+                testRunId, testRunResultSummaryId, origTemplatePath,subTestName(), testSourceConfigCategory, valuesMap
+        );
+        try {
+            return fuzzingTest.runNucleiTest(rawApi);
+        } catch (Exception e ) {
+            return null;
+        }
+    }
+
+    @Override
+    public String superTestName() {
+        return "MISCONFIGURATION";
+    }
+
+    @Override
+    public String subTestName() {
+        return "OPEN_REDIRECT";
+    }
+}
diff --git a/apps/testing/src/main/java/com/akto/testing/ApiExecutor.java b/apps/testing/src/main/java/com/akto/testing/ApiExecutor.java
index 58c98c7362..156275e3ff 100644
--- a/apps/testing/src/main/java/com/akto/testing/ApiExecutor.java
+++ b/apps/testing/src/main/java/com/akto/testing/ApiExecutor.java
@@ -35,7 +35,7 @@ public static OriginalHttpResponse common(Request request, boolean followRedirec
                 body = "{}";
             }
         } catch (IOException e) {
-            loggerMaker.errorAndAddToDb("Error while executing request: " + e, LogDb.TESTING);
+            loggerMaker.errorAndAddToDb("Error while executing request " + request.url() + ": " + e, LogDb.TESTING);
             throw new Exception("Api Call failed");
         } finally {
             if (response != null) {
diff --git a/apps/testing/src/main/java/com/akto/testing/Main.java b/apps/testing/src/main/java/com/akto/testing/Main.java
index 1f61f5dc52..c3396c6129 100644
--- a/apps/testing/src/main/java/com/akto/testing/Main.java
+++ b/apps/testing/src/main/java/com/akto/testing/Main.java
@@ -102,12 +102,16 @@ public static void main(String[] args) throws InterruptedException {
                 }
             }
 
-            loggerMaker.infoAndAddToDb("Found one + " + testingRun.getId().toHexString(), LogDb.TESTING);
+            long timestamp = testingRun.getId().getTimestamp();
+            long seconds = Context.now() - timestamp;
+            loggerMaker.infoAndAddToDb("Found one + " + testingRun.getId().toHexString() + " created: " + seconds + " seconds ago", LogDb.TESTING);
             if (testingRun.getTestIdConfig() > 1) {
                 TestingRunConfig testingRunConfig = TestingRunConfigDao.instance.findOne(Constants.ID, testingRun.getTestIdConfig());
                 if (testingRunConfig != null) {
                     loggerMaker.infoAndAddToDb("Found testing run config with id :" + testingRunConfig.getId(), LogDb.TESTING);
                     testingRun.setTestingRunConfig(testingRunConfig);
+                } else {
+                    loggerMaker.errorAndAddToDb("Couldn't find testing run config id for " + testingRun.getTestIdConfig(), LogDb.TESTING);
                 }
             }
 
@@ -115,6 +119,7 @@ public static void main(String[] args) throws InterruptedException {
                     0, testingRun.getId(), testingRun.getId().toHexString(), 0);
 
             ObjectId summaryId = TestingRunResultSummariesDao.instance.insertOne(summary).getInsertedId().asObjectId().getValue();
+            loggerMaker.infoAndAddToDb("Inserted testing run summary: " + summaryId, LogDb.TESTING);
 
             try {
                 testExecutor.init(testingRun, summaryId);
diff --git a/apps/testing/src/main/java/com/akto/testing/StatusCodeAnalyser.java b/apps/testing/src/main/java/com/akto/testing/StatusCodeAnalyser.java
index 13896865b3..4b170e0c0a 100644
--- a/apps/testing/src/main/java/com/akto/testing/StatusCodeAnalyser.java
+++ b/apps/testing/src/main/java/com/akto/testing/StatusCodeAnalyser.java
@@ -1,6 +1,9 @@
 package com.akto.testing;
 
+import com.akto.DaoInit;
+import com.akto.dao.ApiCollectionsDao;
 import com.akto.dao.AuthMechanismsDao;
+import com.akto.dao.context.Context;
 import com.akto.dto.*;
 import com.akto.dto.testing.AuthMechanism;
 import com.akto.log.LoggerMaker;
@@ -11,8 +14,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.mongodb.BasicDBObject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import com.mongodb.ConnectionString;
 
 import java.util.*;
 
@@ -40,7 +42,6 @@ public String toString() {
         }
     }
 
-
     private static final LoggerMaker loggerMaker = new LoggerMaker(StatusCodeAnalyser.class);
     public static int MAX_COUNT = 30;
     public static void run() {
@@ -53,14 +54,33 @@ public static void run() {
             return;
         }
         Map<Set<String>, Map<String,Integer>> frequencyMap = new HashMap<>();
+        Map<Integer, ApiCollection> apiCollectionMap = ApiCollectionsDao.instance.generateApiCollectionMap();
 
         int count = 0;
         int inc = 0;
         for (ApiInfo.ApiInfoKey apiInfoKey: sampleDataMap.keySet()) {
+            ApiCollection apiCollection = apiCollectionMap.get(apiInfoKey.getApiCollectionId());
+            if (!apiInfoKey.url.startsWith("http")) { // mirroring
+                if (apiCollection == null || apiCollection.getHostName() == null || apiCollection.getHostName().isEmpty()) {
+                    continue;
+                }
+            }
+
+            if (inc >= 5) {
+                loggerMaker.infoAndAddToDb("5 error API calls. Exiting status code analyser", LogDb.TESTING);
+                break;
+            }
+
             if (count > MAX_COUNT) break;
             try {
                 List<RawApi> messages = SampleMessageStore.fetchAllOriginalMessages(apiInfoKey, sampleDataMap);
-                boolean success = fillFrequencyMap(messages, authMechanism, frequencyMap);
+                boolean success;
+                try {
+                    success = fillFrequencyMap(messages, authMechanism, frequencyMap);
+                } catch (Exception e) {
+                    inc += 1;
+                    continue;
+                }
                 if (success)  {
                     count += 1;
                     loggerMaker.infoAndAddToDb("count: " + count, LogDb.TESTING);
@@ -68,8 +88,6 @@ public static void run() {
             } catch (Exception e) {
                 loggerMaker.errorAndAddToDb("Error while filling frequency map: " + e, LogDb.TESTING);
             }
-            if (inc % 10 == 0) System.out.println(inc);
-            inc += 1;
         }
 
         calculateResult(frequencyMap, 5);
@@ -90,7 +108,7 @@ public static void calculateResult(Map<Set<String>, Map<String,Integer>> frequen
         }
     }
 
-    public static boolean fillFrequencyMap(List<RawApi> messages, AuthMechanism authMechanism, Map<Set<String>, Map<String,Integer>> frequencyMap) {
+    public static boolean fillFrequencyMap(List<RawApi> messages, AuthMechanism authMechanism, Map<Set<String>, Map<String,Integer>> frequencyMap) throws Exception {
 
         // fetch sample message
         List<RawApi> filteredMessages = SampleMessageStore.filterMessagesWithAuthToken(messages, authMechanism);
@@ -112,12 +130,7 @@ public static boolean fillFrequencyMap(List<RawApi> messages, AuthMechanism auth
         if (!result) return false;
 
         // execute API
-        OriginalHttpResponse finalResponse;
-        try {
-            finalResponse = ApiExecutor.sendRequest(request, true);
-        } catch (Exception e) {
-            return false;
-        }
+        OriginalHttpResponse finalResponse = ApiExecutor.sendRequest(request, true);
 
         // if non 2xx then skip this api
         if (finalResponse.getStatusCode() < 200 || finalResponse.getStatusCode() >= 300) return false;
diff --git a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java
index 0d0e2df81f..c6e1a4ef26 100644
--- a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java
+++ b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java
@@ -311,7 +311,7 @@ public List<TestingRunResult> runNucleiTests(ApiInfo.ApiInfoKey apiInfoKey, Test
                         origTemplateURL = origTemplateURL.replace("https://github.com/", "https://raw.githubusercontent.com/").replace("/blob/", "/");
                         String subcategory = origTemplateURL.substring(origTemplateURL.lastIndexOf("/")+1).split("\\.")[0];
 
-                        FuzzingTest fuzzingTest = new FuzzingTest(testingRun.getId().toHexString(), summaryId.toHexString(), origTemplateURL, subcategory, testSubCategory);
+                        FuzzingTest fuzzingTest = new FuzzingTest(testingRun.getId().toHexString(), summaryId.toHexString(), origTemplateURL, subcategory, testSubCategory, null);
                         TestingRunResult fuzzResult = runTest(fuzzingTest, apiInfoKey, testingUtil, testingRun.getId(), summaryId);
                         if (fuzzResult != null) {
                             trim(fuzzResult);
@@ -473,8 +473,8 @@ public List<TestingRunResult> startWithLatch(
                     TestingRunResultDao.instance.insertMany(testingRunResults);
                     loggerMaker.infoAndAddToDb("Inserted testing results", LogDb.TESTING);
                     //Creating issues from testingRunResults
-                    TestingIssuesHandler handler = new TestingIssuesHandler();
-                    handler.handleIssuesCreationFromTestingRunResults(testingRunResults);
+                   TestingIssuesHandler handler = new TestingIssuesHandler();
+                   handler.handleIssuesCreationFromTestingRunResults(testingRunResults);
                 }
             } catch (Exception e) {
                 loggerMaker.errorAndAddToDb("error while running tests: " + e, LogDb.TESTING);
@@ -539,6 +539,7 @@ public List<TestingRunResult> start(ApiInfo.ApiInfoKey apiInfoKey, int testIdCon
         JWTInvalidSignatureTest jwtInvalidSignatureTest = new JWTInvalidSignatureTest();//JWT_INVALID_SIGNATURE
         AddJkuToJwtTest addJkuToJwtTest = new AddJkuToJwtTest();//ADD_JKU_TO_JWT
         BFLATest bflaTest = new BFLATest();//BFLA
+        OpenRedirectTest openRedirectTest = new OpenRedirectTest(testRunId.toHexString(), testRunResultSummaryId.toHexString());
 
         List<TestingRunResult> testingRunResults = new ArrayList<>();
 
@@ -606,6 +607,11 @@ public List<TestingRunResult> start(ApiInfo.ApiInfoKey apiInfoKey, int testIdCon
             if (changeHttpMethodTestResult != null) testingRunResults.add(changeHttpMethodTestResult);
         }
 
+        if (testSubCategories == null || testSubCategories.contains(TestSubCategory.OPEN_REDIRECT.name())) {
+            TestingRunResult openRedirectResult = runTest(openRedirectTest, apiInfoKey, testingUtil, testRunId, testRunResultSummaryId);
+            if (openRedirectResult != null) testingRunResults.add(openRedirectResult);
+        }
+
         return testingRunResults;
     }
 
diff --git a/libs/dao/src/main/java/com/akto/dao/ApiCollectionsDao.java b/libs/dao/src/main/java/com/akto/dao/ApiCollectionsDao.java
index 948227fc99..c652726ae2 100644
--- a/libs/dao/src/main/java/com/akto/dao/ApiCollectionsDao.java
+++ b/libs/dao/src/main/java/com/akto/dao/ApiCollectionsDao.java
@@ -43,7 +43,7 @@ public List<ApiCollection> getMetaAll() {
 
     public Map<Integer, ApiCollection> generateApiCollectionMap() {
         Map<Integer, ApiCollection> apiCollectionMap = new HashMap<>();
-        List<ApiCollection> apiCollections = ApiCollectionsDao.instance.findAll(new BasicDBObject());
+        List<ApiCollection> apiCollections = getMetaAll();
         for (ApiCollection apiCollection: apiCollections) {
             apiCollectionMap.put(apiCollection.getId(), apiCollection);
         }
diff --git a/libs/dao/src/main/java/com/akto/dto/OriginalHttpRequest.java b/libs/dao/src/main/java/com/akto/dto/OriginalHttpRequest.java
index 195dbac058..6654d9fc5f 100644
--- a/libs/dao/src/main/java/com/akto/dto/OriginalHttpRequest.java
+++ b/libs/dao/src/main/java/com/akto/dto/OriginalHttpRequest.java
@@ -241,9 +241,13 @@ public String getFullUrlIncludingDomain() throws Exception {
     }
 
     public String getFullUrlWithParams() {
-        if (this.queryParams == null || this.queryParams.isEmpty()) return this.url;
-        if (url.contains("?")) return this.url + "&" + this.queryParams;
-        return this.url + "?" + this.queryParams;
+        return getFullUrlWithParams(this.url, this.queryParams);
+    }
+
+    public static String getFullUrlWithParams(String url, String queryParams) {
+        if (queryParams == null || queryParams.isEmpty()) return url;
+        if (url.contains("?")) return url + "&" + queryParams;
+        return url + "?" + queryParams;
     }
 
     public static Map<String,List<String>> buildHeadersMap(Map json, String key) {
@@ -361,4 +365,16 @@ public boolean setMethodAndQP(String line) {
 
         return true;
     }
+
+    @Override
+    public String toString() {
+        return "OriginalHttpRequest{" +
+                "url='" + url + '\'' +
+                ", type='" + type + '\'' +
+                ", queryParams='" + queryParams + '\'' +
+                ", method='" + method + '\'' +
+                ", body='" + body + '\'' +
+                ", headers=" + headers +
+                '}';
+    }
 }
diff --git a/libs/dao/src/main/java/com/akto/dto/OriginalHttpResponse.java b/libs/dao/src/main/java/com/akto/dto/OriginalHttpResponse.java
index d0e7e986b2..d23ecaa1bd 100644
--- a/libs/dao/src/main/java/com/akto/dto/OriginalHttpResponse.java
+++ b/libs/dao/src/main/java/com/akto/dto/OriginalHttpResponse.java
@@ -67,6 +67,13 @@ public void appendToPayload(String line) {
         this.body += line;
     }
 
+    public String findHeaderValue(String headerName) {
+        if (this.headers == null ) return null;
+        List<String> values = this.headers.get(headerName.trim().toLowerCase());
+        if (values == null || values.size() == 0) return null;
+        return values.get(0);
+    }
+
     public String getBody() {
         return body;
     }
diff --git a/libs/dao/src/main/java/com/akto/dto/testing/HardcodedAuthParam.java b/libs/dao/src/main/java/com/akto/dto/testing/HardcodedAuthParam.java
index 522e1155b6..3b68b4d421 100644
--- a/libs/dao/src/main/java/com/akto/dto/testing/HardcodedAuthParam.java
+++ b/libs/dao/src/main/java/com/akto/dto/testing/HardcodedAuthParam.java
@@ -2,6 +2,7 @@
 
 import com.akto.dto.HttpRequestParams;
 import com.akto.dto.OriginalHttpRequest;
+import com.akto.util.CookieTransformer;
 import com.akto.util.JSONUtils;
 import com.akto.util.JsonStringPayloadModifier;
 import com.akto.util.TokenPayloadModifier;
@@ -48,7 +49,8 @@ public boolean authTokenPresent(OriginalHttpRequest request) {
             return data.keySet().contains(this.key);
         } else {
             Map<String, List<String>> headers = request.getHeaders();
-            return headers.containsKey(k);
+            List<String> cookieList = headers.getOrDefault("cookie", new ArrayList<>());
+            return headers.containsKey(k) || CookieTransformer.isKeyPresentInCookie(cookieList, k);
         }
     }
 
diff --git a/libs/dao/src/main/java/com/akto/dto/testing/LoginRequestAuthParam.java b/libs/dao/src/main/java/com/akto/dto/testing/LoginRequestAuthParam.java
index 8bce0b19b2..0858466109 100644
--- a/libs/dao/src/main/java/com/akto/dto/testing/LoginRequestAuthParam.java
+++ b/libs/dao/src/main/java/com/akto/dto/testing/LoginRequestAuthParam.java
@@ -1,11 +1,13 @@
 package com.akto.dto.testing;
 
 import com.akto.dto.OriginalHttpRequest;
+import com.akto.util.CookieTransformer;
 import com.akto.util.JSONUtils;
 import com.akto.util.JsonStringPayloadModifier;
 import com.akto.util.TokenPayloadModifier;
 import com.mongodb.BasicDBObject;
 
+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
@@ -51,7 +53,8 @@ public boolean authTokenPresent(OriginalHttpRequest request) {
             return data.keySet().contains(this.key);
         } else {
             Map<String, List<String>> headers = request.getHeaders();
-            return headers.containsKey(k);
+            List<String> cookieList = headers.getOrDefault("cookie", new ArrayList<>());
+            return headers.containsKey(k) || CookieTransformer.isKeyPresentInCookie(cookieList, k);
         }
     }
 
diff --git a/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java b/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java
index 4107946a3f..834057947a 100644
--- a/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java
+++ b/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java
@@ -29,7 +29,8 @@ public enum TestError {
         FAILED_DOWNLOADING_NUCLEI_TEMPLATE("Failed downloading nuclei template"),
         FAILED_DOWNLOADING_PAYLOAD_FILES("Failed downloading payload files"),
         FAILED_BUILDING_NUCLEI_TEMPLATE("Failed building nuclei template"),
-        FAILED_BUILDING_URL_WITH_DOMAIN("Failed building URL with domain");
+        FAILED_BUILDING_URL_WITH_DOMAIN("Failed building URL with domain"),
+        FAILED_REPLACING_VARIABLES_IN_NUCLEI_TEMPLATE("Failed replacing variables in nuclei template");
 
         private final String message;
 
diff --git a/libs/dao/src/main/java/com/akto/util/CookieTransformer.java b/libs/dao/src/main/java/com/akto/util/CookieTransformer.java
new file mode 100644
index 0000000000..cf350e06c3
--- /dev/null
+++ b/libs/dao/src/main/java/com/akto/util/CookieTransformer.java
@@ -0,0 +1,55 @@
+package com.akto.util;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+public class CookieTransformer {
+
+    public static Boolean isKeyPresentInCookie(List<String> cookieList, String key) {
+
+        if(cookieList==null)return false;
+        for (String cookieValues : cookieList) {
+            String[] cookies = cookieValues.split(";");
+            for (String cookie : cookies) {
+                cookie=cookie.trim();
+                String[] cookieFields = cookie.split("=");
+                if (cookieFields.length == 2) {
+                    String cookieKey = cookieFields[0].toLowerCase();
+                    if(cookieKey.equals(key.toLowerCase())){
+                        return true;
+                    }
+                }
+            }
+        }
+        return false;
+    }
+
+    public static void modifyCookie(List<String> cookieList, String key, String value) {
+
+        if(cookieList==null)return;
+
+        int i = 0;
+        for (String cookieValues : cookieList) {
+            String[] cookies = cookieValues.split(";");
+            int index = 0;
+            for (String cookie : cookies) {
+                cookie=cookie.trim();
+                String[] cookieFields = cookie.split("=");
+
+                if (cookieFields.length == 2) {
+                    String cookieKey = cookieFields[0].toLowerCase();
+                    if(cookieKey.equals(key.toLowerCase())){
+                        cookies[index] = String.join("=", cookieFields[0], value);
+                    }
+                }
+                index++;
+            }
+
+            String modifiedCookieValue = String.join(";", cookies);
+            cookieList.set(i, modifiedCookieValue);
+            i++;
+        }
+    }
+
+}
\ No newline at end of file
diff --git a/libs/dao/src/main/java/com/akto/util/TokenPayloadModifier.java b/libs/dao/src/main/java/com/akto/util/TokenPayloadModifier.java
index cb8c5478a9..f96805fdd5 100644
--- a/libs/dao/src/main/java/com/akto/util/TokenPayloadModifier.java
+++ b/libs/dao/src/main/java/com/akto/util/TokenPayloadModifier.java
@@ -1,5 +1,6 @@
 package com.akto.util;
 
+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
@@ -7,6 +8,8 @@
 import com.akto.dto.OriginalHttpRequest;
 import com.akto.dto.testing.AuthParam;
 
+import okhttp3.Cookie;
+
 public class TokenPayloadModifier {
     
     public static Boolean tokenPayloadModifier(OriginalHttpRequest request, String key, String value, AuthParam.Location where) {
@@ -21,12 +24,20 @@ public static Boolean tokenPayloadModifier(OriginalHttpRequest request, String k
         }
         else {
             Map<String, List<String>> headers = request.getHeaders();
+            List<String> cookieList = headers.getOrDefault("cookie", new ArrayList<>());
             String k = key.toLowerCase().trim();
             if (value == null || value == "null") {
                 headers.remove(k);
+                CookieTransformer.modifyCookie(cookieList, key, value);
             } else {
-                headers.put(k, Collections.singletonList(value));
+                if (headers.containsKey(k)) {
+                    headers.put(k, Collections.singletonList(value));
+                }
+                if (CookieTransformer.isKeyPresentInCookie(cookieList, key)) {
+                    CookieTransformer.modifyCookie(cookieList, key, value);
+                }
             }
+            
         }
         return true;
     }
diff --git a/libs/dao/src/main/java/com/akto/util/enums/GlobalEnums.java b/libs/dao/src/main/java/com/akto/util/enums/GlobalEnums.java
index 49e7b1ba1e..f593a844ca 100644
--- a/libs/dao/src/main/java/com/akto/util/enums/GlobalEnums.java
+++ b/libs/dao/src/main/java/com/akto/util/enums/GlobalEnums.java
@@ -332,6 +332,21 @@ public enum TestSubCategory {
                 IssueTags.OWASPTOP10,
                 IssueTags.HACKERONETOP10,
         }),
+        OPEN_REDIRECT(
+                "OPEN_REDIRECT",
+                TestCategory.SM,
+                "Open redirect",
+                "An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain.",
+                "Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way." +
+                        "The ability to use an authentic application URL, targeting the correct domain and with a valid SSL certificate (if SSL is used), lends credibility to the phishing attack because many users, even if they verify these features, will not notice the subsequent redirection to a different domain",
+                "This behavior can be leveraged to facilitate phishing attacks against users of the application.",
+                new String[]{
+                        "https://portswigger.net/kb/issues/00500100_open-redirection-reflected"
+                }, new IssueTags[]{
+                IssueTags.BL,
+                IssueTags.OWASPTOP10,
+                IssueTags.HACKERONETOP10,
+        }),
 
         CUSTOM_IAM(
                 "CUSTOM_IAM",
diff --git a/libs/dao/src/main/java/com/akto/util/modifier/SetValueModifier.java b/libs/dao/src/main/java/com/akto/util/modifier/SetValueModifier.java
new file mode 100644
index 0000000000..29528c3544
--- /dev/null
+++ b/libs/dao/src/main/java/com/akto/util/modifier/SetValueModifier.java
@@ -0,0 +1,20 @@
+package com.akto.util.modifier;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class SetValueModifier extends PayloadModifier {
+
+    Map<String, Object> store = new HashMap<>();
+
+    public SetValueModifier(Map<String, Object> store) {
+        super();
+        this.store = store;
+    }
+
+    @Override
+    public Object modify(String key, Object value) {
+        if (!store.containsKey(key)) return value;
+        return store.get(key);
+    }
+}