JSON web tokens are a type of access token widely used in commercial applications. They are based on the JSON format and include a token signature to ensure the integrity of the token. Today, we are going to talk about the security implications of using JSON web tokens (and signature-based tokens in general), and how they can be exploited by attackers to bypass access control.

Bharat Dwarkani shared on Mar 12, 2020
link.medium.com

Regex is everywhere on the Internet nowadays. Downing Servers With Evil Regular Expressions. But can regex also lead to vulnerabilities? Today, let’s explore how attackers can exploit poorly…

Bharat Dwarkani shared on Mar 12, 2020
link.medium.com

Nowadays, people are worried about using the internet because of website security. Internet theft is increasing day by day. Users are trying to mislead the internet in recent years. So it is the developer’s responsibility to the internet well and we don’t want to make way for malicious activities to take place in our own/undertaking applications.

Puthiya shared on Nov 20, 2019
rsagames.com

Several tools were also previously developed. However, after assessing the quality of the public tools, I concluded that we need better tools to perform testing against JWT. I have developed a set of scripts I call “jwt-pwn” that aims to test JWT authentication with stability, simplicity, and efficiency in mind. The script set is very simple, as it integrates directly with the JWT Python library.

Bharat Dwarkani shared on Oct 26, 2019
mazinahmed.net