Abusing JWT (JSON Web Tokens) - Sven Morgenroth - PSW #673
Paul's Security Weekly (Video) · Security Weekly Productions
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Learn how JWTs are implemented, both the correct way and the insecure way. Spoiler alert, most implement them insecurely. Sven will also show you some of the common attacks against JWTs, for use in your next penetration test, bug bounty, or conversation with your developers!
This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/psw673