all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New Burp Extension: JWT-scanner

Add to bookmarks
April 23, 2024, 7 a.m. | Dario Caluzi

Compass Security Blog blog.compass-security.com

Authentication and authorization are critical components of any application. Various standards and frameworks have been developed to facilitate the development of such components and make applications more secure. Among them, JSON Web Tokens (JWTs) have become popular choice over the years.

In this article, we discuss commons flaws in JWT-based authentication and present our extension to automatically check for these issues in Burp: JWT-scanner.

application applications article authentication authorization burp burp extension commons components critical development discuss extension flaws frameworks json jwt popular scanner standards tokens tools web web application

Visit resource

More from blog.compass-security.com / Compass Security Blog

New Burp Extension: JWT-scanner 1 week, 3 days ago | blog.compass-security.com
application applications article authentication +20
Behind The Scenes Of Ransomware Attacks 3 weeks, 3 days ago | blog.compass-security.com
apt attacks big blog +10
Pwn2Own Toronto 2023: Part 5 – The Exploit 1 month ago | blog.compass-security.com
buffer buffer overflow buffer overflow vulnerability camera +20
Pwn2Own Toronto 2023: Part 4 – Memory Corruption Analysis 1 month ago | blog.compass-security.com
analysis corruption internet of things manage +9
Pwn2Own Toronto 2023: Part 3 – Exploration 1 month ago | blog.compass-security.com
authentication can code code execution +19
Pwn2Own Toronto 2023: Part 2 – Exploring the Attack Surface 1 month, 1 week ago | blog.compass-security.com
aim attack attack surface blog +16
Pwn2Own Toronto 2023: Part 1 – How it all started 1 month, 1 week ago | blog.compass-security.com
analysts blog blog post camera +13
Manipulating LLMs – How to confuse ChatGPT 1 month, 3 weeks ago | blog.compass-security.com
ai algorithm chatgpt data +13
Luring the Threat: Lessons from ICS Honeypots in Ukraine and Germany 2 months ago | blog.compass-security.com
apt attacks components control +29

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Intern, Cyber Security Vulnerability Management

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Compliance - Global Privacy Office - Associate - Bengaluru

@ Goldman Sachs | Bengaluru, Karnataka, India
View on infosec-jobs.com

Cyber Security Engineer (m/w/d) Operational Technology

@ MAN Energy Solutions | Oberhausen, DE, 46145
View on infosec-jobs.com

Armed Security Officer - Hospital

@ Allied Universal | Sun Valley, CA, United States
View on infosec-jobs.com

Governance, Risk and Compliance Officer (Africa)

@ dLocal | Lagos (Remote)
View on infosec-jobs.com

Junior Cloud DevSecOps Network Engineer

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com
View more jobs