search

JWT Hacks

hashtag
Remaining attacks

https://book.hacktricks.xyz/pentesting-web/hacking-jwt-json-web-tokensarrow-up-right https://www.youtube.com/watch?v=VA1g7YV8HkIarrow-up-right https://gowthamaraj-rajendran.medium.com/all-about-jwt-attacks-tools-included-8841c0a48b34arrow-up-right https://medium.com/@musab_alharany/10-ways-to-exploit-json-web-token-jwt-ac5f4efbc41barrow-up-right https://zerodayhacker.com/hacking-jwt-json-web-token-part-2/arrow-up-right https://portswigger.net/web-security/jwt/algorithm-confusionarrow-up-right https://github.com/ticarpi/jwt_tool/blob/master/README.mdarrow-up-right https://github.com/ticarpi/jwt_tool/wikiarrow-up-right https://github.com/ticarpi/jwt_tool/wiki/Using-jwt_toolarrow-up-right https://github.com/ticarpi/jwt_tool/wiki/Known-Exploits-and-Attacksarrow-up-right https://portswigger.net/web-security/jwtarrow-up-right https://github.com/ticarpi/jwt_tool/wiki/Known-Exploits-and-Attacksarrow-up-right https://nav7neeet.medium.com/jwt-key-confusion-attack-part1-556c2db4f148arrow-up-right

hashtag
Resources

https://blog.pentesteracademy.com/hacking-jwt-tokens-bruteforcing-weak-signing-key-johntheripper-89f0c7e6a87arrow-up-right Locktalk: https://crypto-cat.gitbook.io/ctf-writeups/2024/cyber_apocalypse_24/web/locktalkarrow-up-right https://ctftime.org/writeup/38742arrow-up-right

PreviousTypes of authNextThe JWT Crack Attack

Last updated