I am testing an API that uses JWT for authentication. This JWT is signed with HS256 to prevent modification. I figured that if I define the secret key used in this signature, I can create my own JWTs. How can I crack the JWT’s private signing key?

I ended up using…

Security Assertion Markup Language (SAML) is an open XML-based standard for exchanging authentication and authorization data between process parties. Vulnerabilities are affected by the decisions of various SSO providers and several libraries using SAML SSO (Single Sign-On).

(Security Assertion Markup Language) SAML

Using the SAML protocol, users can access many of their cloud applications with…

Shaurya Sharma

Security Researcher | DevSecOps | Twitter: https://twitter.com/ShauryaSharma05
