Understanding JWT Vulnerabilities: The 'None' Vulnerability

Ali Issa · Beginner ·🔐 Cybersecurity ·2y ago

About this lesson

In this video, we'll focus on the critical 'None' vulnerability within JWTs. Join us as we explore the fundamentals of JWTs, understand how they are structured, and uncover their potential security risks. We'll demonstrate the 'None' attack in action using Burp Suite and JWT tool. 00:00 Intro 00:00:45 JWT Fundamentals 0:04:48 Hacking JWTs using Burp Suite 0:11:41 Hacking JWTs using jwt_tool 0:19:07 Final words If you want to learn more about JWT vulnerabilities you can check out the following book Hacking APIs: Breaking Web Application Programming Interfaces: https://amzn.to/3rQDAIc . #JWT, #applicationsecurity , #Jsonwebtoken, #cybersecurity , #owasptop10, #burpsuite, #JwtTool, #penetration_testing

Original Description

In this video, we'll focus on the critical 'None' vulnerability within JWTs. Join us as we explore the fundamentals of JWTs, understand how they are structured, and uncover their potential security risks. We'll demonstrate the 'None' attack in action using Burp Suite and JWT tool. 00:00 Intro 00:00:45 JWT Fundamentals 0:04:48 Hacking JWTs using Burp Suite 0:11:41 Hacking JWTs using jwt_tool 0:19:07 Final words If you want to learn more about JWT vulnerabilities you can check out the following book Hacking APIs: Breaking Web Application Programming Interfaces: https://amzn.to/3rQDAIc . #JWT, #applicationsecurity , #Jsonwebtoken, #cybersecurity , #owasptop10, #burpsuite, #JwtTool, #penetration_testing
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Related Reads

📰
Hack Smarter Labs — Dark: From Unauthenticated WordPress Bug to Root
Learn how to exploit an unauthenticated WordPress bug to gain root access in a Hack Smarter Labs walkthrough
Medium · Cybersecurity
📰
I Tried Teaching My Non‑Tech Friend How to Spot a Scam Email. Here’s What Actually Worked
Learn how to spot scam emails and help others do the same, improving cybersecurity for non-tech individuals
Medium · Cybersecurity
📰
The Password Mistake Almost Everyone Makes (And How to Fix It in 5 Minutes)
Learn how to fix the common password mistake almost everyone makes and improve your online security in just 5 minutes
Medium · Cybersecurity
📰
NahamStore CTF (XSS)
Learn to solve a XSS challenge in the NahamStore CTF, improving your web security skills
Medium · Cybersecurity

Chapters (5)

Intro
0:45 JWT Fundamentals
4:48 Hacking JWTs using Burp Suite
11:41 Hacking JWTs using jwt_tool
19:07 Final words
Up next
Why NordPass Will Save You in 2025!
DroidCrunch
Watch →