💡 Hint 1?
Only user admin@google.com is allowed to access the protected ressource.
💡 Hint 2?
You don't know any credentials. But there is a password reset option...
💡 Hint 3?
If you don't know which attack works, you must go through all of them systematically...
Always start with the easy ones and proceed with more advanced attacks.