How JWT Authentication Works, Examples & Security Best Practices JSON Web Token (JWT) authentication is a stateless, compact, and secure method for transmitting user information between a client and server via a cryptographically signed JSON object. Upon login, the server issues a JWT, which the client includes in the Authorization: Bearer header.
HSTS HTTP Strict Transport Security (HSTS) is a web server directive that allows websites to state that they should only be accessed via a secure connection.
HTML Fingerprinting HTML fingerprinting (also known as browser fingerprinting or Canvas fingerprinting) is a tracking technique used by websites which exploits the HTML5 canvas element to collect information about users, such as the browser...
HTML Injection An HTML Injection attack is similar to Cross-site Scripting (XSS) and is typically used in conjunction with some form of social engineering, as the attack exploits both a code-based vulnerability and a user's trust.
HTTP Bombs / Large Payload Post An HTTP bomb, also known as Large Payload Post, is a class of HTTP DDoS attack. An ‘HTTP bomb’ uses the HTTP POST method to send large, complex POST requests, usually scripted as an XML data structure...
HTTP Request Smuggling (HRS) HTTP Request Smuggling, also known as HTTP Desync Attacks, is an attack technique for interfering with the way a website processes sequences of HTTP requests that are received from one or more users.
HTTP Request Splitting HTTP Request Splitting is an attack technique that interferes with the parsing and interpretation of HTTP request messages to split a single HTTP request into multiple unauthorized and malicious HTTP requests to a back-end HTTP agent.
HTTP Response Smuggling HTTP Response Smuggling is a technique that attackers use to manipulate and inject malicious content, in the form of unauthorized HTTP responses, into a single HTTP response from a vulnerable or compromised back-end HTTP agent.