Makimaa

Hello, good morning y'all I've wrote my 1st blog and tried sum up every thing I've understood so far in following topic, in simple way so that non-cyber ppl can also understand chk it out 🤗 and give a feedback. @Nayuu_here/explaining-open-redirect-vulnerabilities-eaf7d5f141e9" target="_blank" rel="nofollow noopener">medium.com/@Nayuu_here/ex…

@autom8nerd Pretty good

@v1239root How did they go?

(why am i putting dates wrong? it is 10 April for the quoted post) 11 April 2026 > 1x1100 on cf > took my meds. fuck exams i need them now > got meds for 30 days more ( ◡̀_◡́)ᕤ > 2 questions in atcoder beginner's contest > gonna make an assignment now, and probably gonna do some maths (hopefully) that's all...

JWT JSON Web Token (jwt) is a secure way to send information btw a client and server. it is used in web applications and APIs to verify users and prevent unauthorized accesses when jwt generates tokens its structure is Header ,Payload and signature this is how jwt token works login request the user logs in through the client application by sending their credentials (username & password) to the server.Server Generates JWT If the credentials are correct the server generates a JWT token using a secret key.if the jwt token gets expired token it will returns 401 unauthorized . Then Returns JWT The server sends the JWT back to the client application. Further Requests with JWT For any subsequent requests, the client sends the JWT along with the request. The server verifies the JWT before granting access to protected resources. Security considerations use https prevent man in the middle attacks by transmitting JWTs over https . set expiration time prevent long-lived tokens that can be exploited. and use secure storage to store jwt securely for example Http only cookies instead of local storage Common issues with JWT jwt Rejects the token if the token has expired, the signature is invalid, or the claims do not match the expected details.token does not support required scope the token does not include the permissions needed for the action.JWT Jwt is a secure way to send information btw a client and server. it is used in web applications and APIs to verify users and prevent unauthorized accesses when jwt generates tokens its structure is Header , Payload and signature this is how jwt token works login request the user logs in through the client application by sending their credentials (username & password) to the server.Server Generates JWT If the credentials are correct the server generates a JWT token using a secret key.if the jwt token gets expired token it will returns 401 unauthorized . Then Returns JWT The server sends the JWT back to the client application. Further Requests with JWT For any subsequent requests, the client sends the JWT along with the request. The server verifies the JWT before granting access to protected resources. Security considerations use https prevent man in the middle attacks by transmitting JWTs over https . set expiration time prevent long-lived tokens that can be exploited. and use secure storage to store jwt securely for example Http only cookies instead of local storage Common issues with JWT jwt Rejects the token if the token has expired, the signature is invalid, or the claims do not match the expected details.token does not support required scope the token does not include the permissions needed for the action. Jwt is not Encrypted Like JWT is encoded, not encrypted And anyone can decode payload base64 jwt is stateless servers does NOT store session data Basic question What is a common issue present in it ?

@autom8nerd Exams 🥀

@v1239root Long time no see huh

@Avinash25818689 I don't think there is any ytuber with 0 haters 😭 tho she has good content so can be possible

Name a YouTuber with 0 haters. I'll go first

@oboobotenefiok @TheCryptoBolt @Pushpak_DEV @_devvics @Abasman__sandy Nice to meet you too :)

Let me say 'hello' to some of my recent followers and/or engagers. @TheCryptoBolt @v1239root @Pushpak_DEV @_devvics @Abasman__sandy I'm into programming. Nice to meet y'all. Done for the day :-) 🦀

DAY 99/365 OF SCRIBBLING RUST 🦀 I mean, doesn't it feel good to be back here everyday? I had an idea just this evening to make the game be better interactive at its 'epilogue.' 🦀

@Avinash25818689 Congo on 1k 🥳(3rd time)

@v1239root Long time What's up😭

Me : New folder New folder (1) New folder (2) New folder (3) New folder (4)

@ZarxhNebula @PortSwigger Less go sarah :b

Another A01 lesson: never trust the client. @PortSwigger lab used a forgeable cookie (Admin=false) to control admin access. Flipped it to true → admin panel unlocked → deleted a user. That’s how easily systems get compromised. portswigger.net/web-security/a…

@sudosheggs @X Happy birthdayy segun

+1 🎂❤️🎉 Thank you @X for the balloons God is the Greatest!

@smtwt_ Ohh all the best 🥲

@v1239root Busy with mid sem prep 🥲

oki, Enough touching grass :')) >what i've been doing last month? - staring BB(#bugbounty) with sql injection and BAC vulns. -been working on web security fundamentals(dont wanna be Skid😭) -been doing some CTFs(online) -writing my 2nd blog on really basic yet important topic

@therahul4402 Hehe yess

@v1239root Damnnnnn vidhi 😳 Long time no see ??

Starting coding today… you can only pick ONE 👇 Python Java C++ JavaScript what are you choosing ?

@unshaken_soul @S8ulesports Good, hby

@v1239root @S8ulesports Hey miss makima, how's your day going?

Now it time to celebrate, @S8ulesports 😇😇

@Akhil9145 Yeahh🔥

@v1239root Good keep going 😃

@sudosheggs Thank you segun!✨

@v1239root Well done Makimaa 💪🏽

@smtwt_ Hehe😋 , why not posting these days?

@sarvesht25 Yeah definitely you can add 1 or 2 more in list but for starting xss is good

@v1239root I'm also thinking to start BB with XSS

@shreyas_chavhan Less goo🤩

one more triaged and paid, yayyyy!! 😍 coming back stronger.