InfoSec Write-ups·4yAttacks on JSON Web Token (JWT)
In this article, we will discuss the attacking part on JWT, which is the hacker’s favorite part. Abusing None algorithm is used to generate a JWToken. In that case, anyone can create a forge JWT Token and submit it to a resource server because there is no signature available in the token.
Pointer·4y5 Best Practices for Securing SSH
SSH is the industry standard for both security and efficacy for remote server access. As with any software, SSH is only as secure as configurations applied to the server and client configurations. In this article, we’ll explore five SSH best practices you should observe to boost the security of your infrastructure.
DZone·4yBuilding two-factor authentication with NestJS and Postgres
2FA is an extra layer of security that confirms that the person seeking to get into an online account is who they say they are. A user's username and password must be entered first. They will then be asked to provide additional details before being granted access. This approach will protect a compromised account from fraudulent activities.
Okta Dev·4yAuthentication Patterns for PHP Microservices
In this tutorial, you’ll see how to build a small demo application consisting of four microservices and a simple API gateway. This tutorial also heavily utilizes Okta for the various authentication patterns you will implement. The tutorial will cover any operations you need to perform as they come up later.
Hashnode·4yTwNFT - Mint your tweets as NFTs easily and for free
TwNFT is a simple web application that allows you to mint your tweets as NFTs for free. It is my submission for the Thirdweb x Hashnode Hackathon. TwNFT was announced back on the 5th of January, 2022 but I didn't get a solid idea until the 18th.
