JWTs are an important part of how modern APIs are used: they assert your identity to the application. You will see them in SOAP, REST, and
GraphQL. Many decisions about authorization and access are based on the claims contained within the JWT. If there are vulnerabilities
within the framework used to create them, or in implementation decisions, the impact can be high. In this talk, I will discuss how
JWTs are generated and used. Security issues can include information disclosure, authentication bypass, authorization control bypass,
password cracking, JWT reuse, algorithms such as None, and algorithm exchange. I will demonstrate the None algorithm attack, cracking the
secret key used to sign the JWT, and algorithm exchange.
About the Speaker
Today, in addition to being a prolific SANS instructor and course author, Adrien is an independent penetration tester in both the Government and private sectors around the world.
A sought-after instructor known for his engaging, straightforward style, professionalism, and real-world experience and examples, Adrien has taught a plethora of SANS courses, demonstrating his depth and breadth of knowledge in penetration testing, vulnerability assessment, incident handling, and intrusion detection. He is the co-author of two SANS courses: SEC460 Enterprise Threat and Vulnerability Assessment and SEC642 Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques. Adrien designs, implements and runs Capture the Flag exercises in each of his classes.
To Adrien, teaching at SANS is an opportunity to pay forward the investment his mentors and teachers made to him throughout his career. This is a chance to share his knowledge and experience while learning from the research he does to teach the material covered in a SANS course. “And, it’s rewarding to see a student who was struggling, finally understand what rooting a box feels like,” he says. “I love what I do, I am either hacking or teaching how to hack!”
Adrien has taught SANS SEC504 Hacker Tools, Techniques, and Incident Handling; SEC460 Enterprise Threat and Vulnerability Assessment (course co-author and lead instructor); SEC560 Network Penetration Testing and Ethical Hacking; SEC642 Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques (course co-author and main instructor); SEC542 Web App Penetration Testing and Ethical Hacking.
Adrien contributed to the OSSTMM3, Hacking Exposed Linux (3rd Edition), Security Incident Handling Step-by-Step Guide (SANS), the Security Incident Management Capability Maturity Model (Bell) and other vulnerability assessment and security management frameworks as well as methodologies such as SANS courseware.
A long-term volunteer member of the SANS Internet Storm Center, where he performs incident handling and threat analysis, Adrien also holds GSEC, GPEN, GWAPT, GCIA, GCIH, GXPN, OPSA, OPST, MCSE and CISSP certifications.
When he’s not teaching or consulting, you’ll find Adrien hacking in his personal time…both computers and through his practice of Karate.