
Bharat Dwarkani

Oct 26, 2019

mazinahmed.net

Several tools were also previously developed. However, after assessing the quality of the public tools, I concluded that we need better tools to perform testing against JWT. I have developed a set of scripts, which I call “jwt-pwn”, that aims to test JWT authentication with stability, simplicity, and efficiency in mind. The script set is very simple, as it integrates directly with the JWT Python library.


Bharat Dwarkani

Oct 19, 2019

auth0.com

For those who are unfamiliar, JSON Web Token (JWT) is a standard for creating tokens that assert some number of claims. For example, a server could generate a token that has the claim "logged in as admin" and provide that to a client. The client could then use that token to prove that they are logged in as admin. The tokens are signed by the server's key, so the server is able to verify that the token is legitimate.


Bharat Dwarkani

Sep 22, 2019

blog.hasura.io

JWTs (JSON Web Token, pronounced 'jot') are becoming a popular way of handling auth. This post aims to demystify what a JWT is, discuss its pros/cons and cover best practices in implementing JWT on the client-side, keeping security in mind.


Bharat Dwarkani

Sep 15, 2019

medium.com

Over the last few months, some implementations of JSON Web Tokens (JWTs) that have ultimately led to compromise of the web application. Some scenarios include stealing admin tokens through XSS (detailed in this blog) and forging claims during account registration to create standard accounts with admin privileges.


Bharat Dwarkani

Sep 10, 2019

blog.angular-university.io

The goal in this post is to first start by learning how JSON Web Tokens (or JWTs) work in detail, including how they can be used for User Authentication and Session Management in a Web Application.


Bharat Dwarkani

Sep 01, 2019

itnext.io

How to implement JSON Web Tokens in Dart
