Software Development Quality
Feb 21, 2024 · Information Security

Master JWT Security: Test, Forge, and Exploit Tokens with jwt_tool.py

jwt_tool.py is a Python toolkit that validates, forges, scans, and manipulates JSON Web Tokens, offering features such as token validity checks, testing of known CVE‑related vulnerabilities, misconfiguration scanning, claim fuzzing, secret/key verification, dictionary‑based weak‑key detection, timestamp tampering, RSA/ECDSA key reconstruction, and interactive token editing.

JWT · Python · security testing
Java High-Performance Architecture
Oct 6, 2015 · Information Security

Understanding CSRF Attacks and How to Prevent Them

This article explains how CSRF (Cross‑site request forgery) tricks authenticated users into performing attacker‑controlled actions, illustrates a typical admin‑addition scenario, and outlines two primary defenses—CAPTCHA verification and dynamic token validation—to effectively mitigate such attacks.

CSRF · Captcha · Cross-Site Request Forgery