Top JWT Attacks 😀 Thread 🧵:👇 Here is how to find JWT issues: 1) JWT or JSON web tokens are widely used these days for authorization purposes so it pays off to learn about what JWT’s entail and how we can abuse them. #BugBounty #BugBountytips #infosec
5
66
249
25K
342
2) We can debug with JWT token form JWT.ioThe structure is : “header.body.key” where Header represent encryption algorithm to use , Body represent meta data of users with juicy info and key is most important which desides where server will accept your data or not
