International PHP Conference |
May 25 – 29, 2020 in Berlin

Hacking JWTs: The attacker’s perspective

Session
This talk originates from the archive. To the CURRENT program
Until February 6: ✓ Workshop Day for free ✓ Group discount ✓ Save up to € 700 Register now

More talks in the program:

Infos
Tuesday, October 22 2019
16:00 - 17:00

So you’ve finally secured your APIs. It uses JWT because everyone else does. But is it secure? JWTs are the new great thing that everyone is talking about, but you need to use them correctly. During this talk, we will see how we can use various attacks to hack into OAuth systems that use JWTs as a token mechanism. From token validation to brute forcing HS256, by seeing the attackers’ point of view the attendees will learn how to better defend themselves and make more secure servers.

Stay tuned!

Behind the Tracks of IPC

PHP Core Technology
Best Practices & Application

General Web Development
General Web Development & more

Agile & Company Culture
Agility has become mainstream

Software Architecture
Concepts & Environments

Security
All about Web Security

Testing & Test Driven Development
An overview of the most important topics

DevOps & Continuous Delivery
DevOps is a philosophy

Docker, Kubernetes, Cloud
An overview of the most important topics

#slideless (pure coding)
An overview of the most important topics

PHP Frameworks
An overview of the most important topics

Content Management Systems
An overview of the most important topics