Dear Experts,
An Adversary can bypass the login page by manipulating the response coming from server.Capturing the Success response and request from the server to the client using Proxy tool.The Application directly taking in to the power access application thus bypassing the authentication modes entirely.How to find third party tool hitting server.Because we are implemented 2FA Two-factor authentication in login portal.Here there using one tool and getting Our Successful Request(HTTP/1.1 302 Found ) and Response.Based on there By Passing enter process.Without 2FA also we are loging into portal successful landed Request getting also there use to Bypassing.we are using https and SSL that configurations done.But no use there getting final request based on there BYPASS.
Please tell me solution are configurations for server side validations to protect against unauthorized access .This is a Security Issue that to Urgent.
Thank for Advance 
Thanks and Best Regards,
Durga Rao.