Aller au contenu

JWT Vulnerabilities

Ce contenu n’est pas encore disponible dans votre langue.

JSON Web Tokens (JWTs) are a popular standard for representing claims between two parties. However, improper implementation of JWT verification can lead to several critical security vulnerabilities.

JWTop provides built-in tools to test for these vulnerabilities automatically or manually.

The fastest way to test a live server for all these vulnerabilities at once is to use the crack command:

Terminal window
jwtop crack $TOKEN --url https://api.example.com/protected

For more details on each vulnerability, click on the cards above.