Demystifying API Attacks Using Gamification
ATT&CK techniques detected
T1555.003Credentials from Web Browsers
42%
"google chrome app, postman. - weak tokens : json web token ( jwt ) has soared in popularity for use within apis for its ability to provide integrity. however, an implementation of jwt without a proper cryptographic signing mechanism can lead to privilege escalation. - credential …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Learn about authentication, authorization, and security misconfiguration in API compromises by exploring this capture-the-flag game.