Hacking JWTs for Beginners with Farah Hawa

This episode will incorporate an introduction to JSON Web Tokens, the structure of JWT's and how they work. Once the basics are down, there will be simple walk-throughs of some common attack vectors for breaking JWT authentication. Lab: http://jwt-lab.herokuapp.com/ OUR GUEST: FARAH HAWA I'm Farah Hawa. I work as an application security engineer at Bugcrowd. I'm a part-time bug bounty hunter and I also create technical content for bug bounty hunters & web application pentesters and interview some amazing people in infosec for my YouTube channel. You can find Farah on social media:   / farah_hawa01   ▬▬▬▬▬▬ Hosts 🎙️ ▬▬▬▬▬▬ Nancy Gariché ►   / nancygari.  . Nikki Becher ►   / thedeadrobots   Tanya Janca ►   / shehackspurple   Rana Khalil ►   / rana__khalil   ▬▬▬▬▬▬ Connect with Us 👋 ▬▬▬▬▬▬ YOUTUBE ►    / owaspdevslop   DEV ► https://dev.to/devslop INSTAGRAM ►   / owaspdevslop   TWITTER ►   / owasp_devslop   LINKEDIN ►   / owasp-devslop  

Join Today
Hunting for IDORs with Katie Paxton-Fear
▶︎

Hunting for IDORs with Katie Paxton-Fear

Building Modern Access-Control for Cloud Applications
▶︎

Building Modern Access-Control for Cloud Applications

Top 10 CI/CD Security Risks
▶︎

Top 10 CI/CD Security Risks

Three New Attacks Against JSON Web Tokens
▶︎

Three New Attacks Against JSON Web Tokens

PHP Full Course For Beginners | PHP Full Course | PHP Tutorial | Intellipaat
▶︎

PHP Full Course For Beginners | PHP Full Course | PHP Tutorial | Intellipaat

Learning from AWS (Customer) Security Breaches with Rami McCarthy
▶︎

Learning from AWS (Customer) Security Breaches with Rami McCarthy

Attacking AI - Jason Haddix - NDC Security 2026
▶︎

Attacking AI - Jason Haddix - NDC Security 2026

Finding bugs with Nuclei with PinkDraconian (Robbe Van Roey)
▶︎

Finding bugs with Nuclei with PinkDraconian (Robbe Van Roey)

API hacking for the Actually Pretty Inexperienced hacker with Katie Paxton-Fear - OWASP DevSlop
▶︎

API hacking for the Actually Pretty Inexperienced hacker with Katie Paxton-Fear - OWASP DevSlop

What is JWT? JSON Web Tokens Explained (Java Brains)
▶︎

What is JWT? JSON Web Tokens Explained (Java Brains)

PLC Troubleshooting 101. Basic Steps to Diagnose and Fix Your Machine
▶︎

PLC Troubleshooting 101. Basic Steps to Diagnose and Fix Your Machine

JWT Hacking (JSON Web Token)
▶︎

JWT Hacking (JSON Web Token)

Github Actions Security Best Practices with Reethi Kotti
▶︎

Github Actions Security Best Practices with Reethi Kotti

OWASP's Top 10 Ways to Attack LLMs: AI Vulnerabilities Exposed
▶︎

OWASP's Top 10 Ways to Attack LLMs: AI Vulnerabilities Exposed

What Is JWT and Why Should You Use JWT
▶︎

What Is JWT and Why Should You Use JWT

How to Design APIs Like a Senior Engineer (REST, GraphQL, Auth, Security)
▶︎

How to Design APIs Like a Senior Engineer (REST, GraphQL, Auth, Security)

JWT token based authentication/authorization in Golang (REST API's)
▶︎

JWT token based authentication/authorization in Golang (REST API's)

Python for Hackers FULL Course | Bug Bounty & Ethical Hacking
▶︎

Python for Hackers FULL Course | Bug Bounty & Ethical Hacking

What do tech pioneers think about the AI revolution? - The Engineers, BBC World Service
▶︎

What do tech pioneers think about the AI revolution? - The Engineers, BBC World Service

Let’s Write Security Unit Tests! with Eric Johnson
▶︎

Let’s Write Security Unit Tests! with Eric Johnson