
Practice hacking JWT tokens

Vulnerable JWT implementations

Article: Attacking JWT authentication.

Demo pages:

Attacks:

  • Change the algorithm from HS256 to none.
  • Change the algorithm from RS256 to HS256, and use the public key as the secret key for the HMAC.
  • Crack the HMAC key using John the Ripper.
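
The verifier-side checks that make all three attacks fail, as an added example (not code from the jwtdemo project or the article). The names `verify`, `sign_hs256` and `TokenRejected` are hypothetical, the sample key is constructed, and RS256 verification is left out because the Python standard library has no RSA support.

```python
import base64, hashlib, hmac, json

class TokenRejected(Exception):
    """Raised for any token the verifier refuses."""

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign_hs256(claims: dict, key: bytes) -> str:
    """Issue an HS256 token; used here to build constructed sample input."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"

def verify(token: str, key: bytes, expected_alg: str) -> dict:
    """Verify a JWT against the algorithm the server configured for this key."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        sig = b64url_decode(sig_b64)
    except (ValueError, TypeError) as exc:
        raise TokenRejected("malformed token") from exc
    # The header is attacker-controlled: compare it to config, never dispatch on it.
    # This rejects "none" and an HS256 token presented to an RS256 key.
    if not isinstance(header, dict) or header.get("alg") != expected_alg:
        raise TokenRejected("alg mismatch")
    if expected_alg != "HS256":
        # RS256 needs an RSA library; there is deliberately no HMAC fallback.
        raise TokenRejected("unsupported alg")
    if len(key) < 32:  # RFC 7518 section 3.2: HS256 keys must be at least 256 bits
        raise TokenRejected("key too short")
    expected = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise TokenRejected("bad signature")
    return json.loads(b64url_decode(body_b64))

if __name__ == "__main__":
    key = hashlib.sha256(b"constructed demo key").digest()  # constructed 32-byte key
    token = sign_hs256({"sub": "alice"}, key)
    print(verify(token, key, "HS256"))
    try:
        verify(token, key, "RS256")  # key configured for RS256, token says HS256
    except TokenRejected as err:
        print("rejected:", err)
```

The length check only rules out short keys; a long but guessable passphrase is still open to offline cracking, so the HMAC key should come from a random generator.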