JWT(JSON Web Token) 攻击面小结 | CTF导航
Tags
| attack-pattern: | Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | cddfeaf2-f643-465e-923e-217a21f3b8b8 |
| Fingerprint | f943ce02b963e532 |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Oct. 5, 2024, midnight |
| Added to db | Oct. 31, 2024, 11:49 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | JWT(JSON Web Token) 攻击面小结 |
| Title | JWT(JSON Web Token) 攻击面小结 | CTF导航 |
| Detected Hints/Tags/Attributes | 14/1/22 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.ctfiot.com/212710.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 426 | ✔ | CTF导航 | https://www.ctfiot.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 1 | cve-2015-9235 |
|
| Details | CVE | 2 | cve-2016-5431 |
|
| Details | CVE | 2 | cve-2018-0114 |
|
| Details | CVE | 1 | cve-2020-28042 |
|
| Details | Domain | 17 | datetime.datetime.now |
|
| Details | Domain | 10 | hacker.com |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 28 | jwt.io |
|
| Details | Domain | 40 | gchq.github.io |
|
| Details | File | 2 | self.db |
|
| Details | File | 36 | datetime.dat |
|
| Details | File | 23 | jwks.json |
|
| Details | Github username | 2 | ticarpi |
|
| Details | Github username | 1 | sjord |
|
| Details | Github username | 1 | d0ge |
|
| Details | Url | 1 | https://hacker.com/jwks.json |
|
| Details | Url | 1 | https://github.com/ticarpi/jwt_tool/wiki/attack-methodology |
|
| Details | Url | 6 | https://jwt.io |
|
| Details | Url | 2 | https://github.com/ticarpi/jwt_tool |
|
| Details | Url | 1 | https://github.com/sjord/jwtcrack |
|
| Details | Url | 27 | https://gchq.github.io/cyberchef |
|
| Details | Url | 1 | https://github.com/d0ge/sign-saboteur |