ioc[.]one - OSINT Cyber Threat Intelligence Database

Protecting Your API from App Impersonation: Token Hijacking Guide and Mitigation of JWT Theft

Tags

attack-pattern:

Show in Graph

Common Information

Type	Value
UUID	70e517e8-0547-4757-88ff-c9577857977a
Fingerprint	b5029e1b8c7d669d
Analysis status	DONE
Considered CTI value	-2
Text language
Published	April 4, 2023, 7:22 a.m.
Added to db	April 4, 2023, 10:01 a.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	Protecting Your API from App Impersonation: Token Hijacking Guide and Mitigation of JWT Theft
Title	Protecting Your API from App Impersonation: Token Hijacking Guide and Mitigation of JWT Theft
Detected Hints/Tags/Attributes	74/1/20

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@talsec/protecting-your-api-from-app-impersonation-token-hijacking-guide-and-mitigation-of-jwt-theft-48e744b76327?source=rss------reverse_engineering-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	172	✔	Reverse Engineering on Medium	https://medium.com/feed/tag/reverse-engineering	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	45	source.android.com
Details	Domain	188	com.android
Details	Domain	42	com.google
Details	Domain	2	talsec.app
Details	Domain	1	identitytoolkit.googleapis.com
Details	Domain	1	letseat-example.com
Details	Domain	1	client.post
Details	Domain	4127	github.com
Details	Email	1	developer@talsec.app
Details	Email	2	info@talsec.app
Details	File	23	base.apk
Details	File	172	androidmanifest.xml
Details	File	3	my-release-key.key
Details	File	5	google-services.json
Details	Github username	2	orgs
Details	Url	3	https://source.android.com/docs/security/bulletin/asb-overview
Details	Url	1	https://identitytoolkit.googleapis.com/v1/accounts
Details	Url	1	https://letseat-example.com
Details	Url	2	https://talsec.app
Details	Url	2	https://github.com/orgs/talsec/discussions/5.