search

SasanLabs / owasp-zap-jwt-addon

OWASP ZAP addon for finding vulnerabilities in JWT Implementations
https://www.zaproxy.org/
Apache License 2.0
30 stars 10 forks source link

Incorrect Signature attach added #39

Closed killshotrevival closed 1 year ago

killshotrevival commented 1 year ago

Support added for https://portswigger.net/kb/issues/00200900_jwt-signature-not-verified, incorrect signature verification attack.

killshotrevival commented 1 year ago

CHANGELOG.md updated with new 1.0.3 release

killshotrevival commented 1 year ago

Code updated according to you suggestions @preetkaran20

preetkaran20 commented 1 year ago

@killshotrevival LGTM, merging the PR. Thank you :)