Write a fake helper for Basic authentication that always returns either OK or ERR.
Use tcpdump or ethereal to capture some HTTP requests. Decode the authorization credentials.
If you're using NTLM, capture some HTTP requests and attempt a replay attack.
Kill Squid's authentication helper processes one-by-one while running tail -f cache.log.
Find out what happens to your favorite NTLM-based authenticator when it can't communicate with the NT domain controller.