Resultados da pesquisa: "#30daysofAPIsec"

1 resultados
Abdulmalik_cybersecurity
Abdulmalik_cybersecurity@malik_cybersec·
Day8/#30daysofAPIsec I ran jwt_tool against crAPI's dashboard endpoint and discovered the JWT implementation is critically broken itaccepts invalid signatures, unsigned tokens (alg:none),forged JWKS, and SQL injection in the kid claim. Almost every major JWT attack returned 200
Abdulmalik_cybersecurity tweet media
Abdulmalik_cybersecurity@malik_cybersec

Day 7 /#30Daysofcybersecurity Authentication attack , brute force crAPI (ApisecU lab) using rockyou.txt as my word list quite interesting but my laptop keep breaking off because it's local host @commando_skiipz @KoredeSec @akintunero @elormkdaniel @nacss_uniosun

English
2
2
23
839