Skip to content
attack.paths
Sign in
← LibraryTechnique entry
W-JWT-KIDCredential Access

JWT — kid Header Injection

kid header used to load the verification key from disk / SQL — inject path traversal or SQLi to control the key.

§ Where this technique fits

W-JWT-KID is catalogued under the Credential Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.