logo
  • About
  • Contact
  • Hall of fame

Categories

  • Alerts and warnings
  • BU Safe
  • Hit by ransomware?
  • Incident handling
  • News

Noticed a problem?

Report an Incident
–or–

Recent Posts

  • Google Confirms 75 Zero-Day Attacks: Phones And Browsers Were Targeted
  • Mitre warns over lapse in CVE coverage
  • Over 200 Million Records Allegedly Belonging to X Leaked Online
  • Catastrophic hack of AT&T and Verizon is proof Apple is right about iPhone encryption
  • Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

Video

https://www.youtube.com/watch?v=wMsHDH67eb4

RSS NVD Data Feed

RSS CERT-EU News Feed

Information

  • Privacy & Cookies Policy

MyJWT v1.4 releases: cracking, testing vulnerabilities on Json Web Token(JWT)

Posted on 10 January 2021

From securityonline.info

Features

  • modify jwt (header/Payload)
  • None Vulnerability
  • RSA/HMAC confusion
  • Sign a jwt with key
  • Brute Force to guess the key
  • crack jwt with regex to guess the key
  • kid injection
  • Jku Bypass
  • X5u Bypass

Read more…

Posted in News

Post navigation

Previous post: Week in review: Fileless malware, key risk areas in 2021, Patch Tuesday forecast
Next post: Glofox – 2,330,735 breached accounts
BU CERT
Authorized to use CERT(TM) - CERT is a mark owned by Carnegie
Mellon University

Other CERTs

  • National Cyber Security Centre
  • US-CERT
Proudly powered by WordPress | Theme: bu-cert by Nan Jiang.