Web Exploitation JWT Vulnerabilities and Attacks: alg none, Key Confusion, and kid Injection
A practical guide to exploiting JSON Web Token flaws — alg=none, key confusion, weak secrets, and kid injection — plus defenses.
Security Engineer's blog on Active Directory, Malware Analysis, and Offensive Security.
