Preview Image

JWT authentication bypass via jku header injection

Laboratorio de Portswigger sobre JWT

08/12/2024 Portswigger Labs, JWT Attacks

Preview Image

Scanning non-standard data structures

Laboratorio de Portswigger sobre Essential Skills

08/12/2024 Portswigger Labs, Essential Skills

Preview Image

Discovering vulnerabilities quickly with targeted scanning

Laboratorio de Portswigger sobre Essential Skills

08/12/2024 Portswigger Labs, Essential Skills

Preview Image

Flawed enforcement of business rules

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

08/12/2024 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Inconsistent security controls

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

08/12/2024 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

High-level logic vulnerability

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

08/12/2024 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Excessive trust in client-side controls

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

08/12/2024 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

JWT authentication bypass via jwk header injection

Laboratorio de Portswigger sobre JWT

06/12/2024 Portswigger Labs, JWT Attacks

Preview Image

JWT authentication bypass via weak signing key

Laboratorio de Portswigger sobre JWT

06/12/2024 Portswigger Labs, JWT Attacks

Preview Image

JWT authentication bypass via flawed signature verification

Laboratorio de Portswigger sobre JWT

06/12/2024 Portswigger Labs, JWT Attacks