Attacking JSON Web Token (JWT)

In this post we’ll see how a website that uses JWT incorrectly allows us to create users with arbitrary data. We will rely on a challenge from the CTF TJCTF, specifically the Moar Horse 4 challenge.
Continue reading

¿Me ayudas a compatirlo?