webctl Auth Recipe Extraction Survey
Upload sanitized HAR captures to generate an auth transition graph, classify flow topology, and emit executor-oriented auth-recipe JSON.
Upload one sanitized HAR (`.har`) exported from controlled probing runs.
Flow map reconstructed from captured request order.
No edges yet. Upload a HAR to build the graph.
Compiled JSON maps to deterministic execution targets and can be fed to the webctl runtime stage.
Upload a HAR to generate an auth recipe.
Authscan formalizes extraction of authentication protocol semantics from traces and implementation artifacts for formal security analysis.
thesis signal: Demonstrates explicit auth-structure inference can produce reusable protocol models, directly validating authRecipe IR goals.
Automates login across thousands of domains using reusable phases and verification loops from credential submission to post-login checks.
thesis signal: Provides strong evidence that production auth automation relies on staged recon+execution logic rather than one-shot prompting.
Systematic discovery and execution of OAuth/SAML login pathways with hybrid visual and semantic detectors.
thesis signal: Shows explicit provider discovery + callback validation is necessary for federated-auth recipes and naturally maps to webctl transitions/oracles.
Reinforcement and human-in-the-loop browser automation with large LLM steering loops.
thesis signal: Useful contrast case: token-heavy runtime models, where webctl aims to reduce run-time token spend via recon-only compilers.
Commercial browser scripting framework with runtime reasoning over DOM states and user interaction tasks.
thesis signal: Useful counterexample for zero-runtime claims: heavy runtime state modeling and retries are treated as first-class execution mechanics.
Browser devtools ecosystem traces and HAR emission used for request sequencing diagnostics.
thesis signal: Ties HAR-derived request topology to deterministic extraction because all transitions are ordered and inspectable from capture.