-
Nmap Free Security Scanner, Port Scanner, & Network Exploration Tool. Download open source software for Linux, Windows, UNIX, FreeBSD, etc.
#Security #Security Monitoring #Monitoring Tools 187 social mentions
-
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.Pricing:
- Open Source
Now as you can see, we are successfully logged in. So lets take our jwt and try decoding it using [jwt.io](https://jwt.io/). ![](https://i.imgur.com/UJhkGj6.png) So I decided to use the ```none``` alg technique. I tried with ```none``` , ```NONE``` and ```None``` but they didn't seem to work. --- With this tecnique failing, I had to think of another way. After a long time of research, I figured out that there were two hidden file in the download folder ```.env``` and ```.git``` . I just came to my mind that there must be something interesting there, since even the challenge name is ```secret``` . --- I started with the ```.git``` by looking at the history by running ```git log``` command.
#Identity Provider #Identity And Access Management #SSO 276 social mentions