BOLA Lab — Schema & Credentials

Enter your lab hostname to download the OpenAPI schema and fresh scanner credentials.

The schema's servers host is set to your hostname. Credentials are fresh RS256 JWTs (owner + attacker) signed with the lab key — feed both into scan.sh to run the Vulnerability Scanner.

Credentials are not tied to the hostname; only the schema is.