
Day8/#30daysofAPIsec
I ran jwt_tool against crAPI's dashboard endpoint and discovered the JWT implementation is critically broken: it accepts invalid signatures, unsigned tokens (alg:none), forged JWKS, and SQL injection in the kid claim. Almost every major JWT attack returned 200.

Abdulmalik_cybersecurity@malik_cybersec
Day 7/#30Daysofcybersecurity Authentication attack, brute force crAPI (ApisecU lab) using rockyou.txt as my word list. Quite interesting, but my laptop keeps breaking off because it's localhost. @commando_skiipz @KoredeSec @akintunero @elormkdaniel @nacss_uniosun