CVE-2016-5431

Explore and learn about JWT vulnerabilities through hands-on security labs. Perfect for cybersecurity enthusiasts, developers, and learners!

JWT Hacking Lab 🛠️ Welcome to the JWT Hacking Lab! This project is a fantastic hands-on playground designed to help you dig deep into the world of JSON Web Token (JWT) security 😎 🚀 Labs and Learning Objectives 🎯 Our labs, each focusing on a specific JWT-related vulnerability, are as follows: Secrets Under the Rug: Exploiting Weak HMAC Secrets 🤫: This lab tea

JWT_hacking None algorithm attack – CVE-2015-9235 This attack targets an option in the JWT standard for producing unsigned keys The output literally omits any signature portion after the second dot Due to weaknesses in some libraries or server configurations, a service may read our tampered request, see that it does not need to be signed, and then just accept it on t

Powershell JWT module

Powershell JWT module Description Create, validate and decode JWT in PowerShell easily Supported algorithms: Symmetric Key HS256 HS384 HS512 Asymmetric Key RS256 RS384 RS512 Install This module is published on the PowerShell Gallery To install it, you can run the following command: Install-Module powershell-jwt To update an instal

HTB-Under-Construction Vào dịp cuối năm trong lúc mọi người đang bận rộn dọn dẹp nhà cửa, sắp sửa đồ mới đón tết thì mình nhận được một challenge HackTheBox ở mức medium từ một người anh vừa mới quen qua một nhóm học tập trên facebook Challenge này cho m&