SKILL: JWT and OAuth 2.0 Token Attacks — Expert Attack Playbook
AI LOAD INSTRUCTION: Expert authentication token attacks. Covers JWT cryptographic attacks (alg:none, RS256→HS256, secret crack, kid/jku injection), OAuth flow attacks (CSRF, open redirect, token theft, implicit flow abuse), PKCE bypass, and token leakage via Referer/logs. This is critical for modern web applications.
0. RELATED ROUTING
Use this file for token-centric attacks and flow abuse. Also load:
- oauth oidc misconfiguration for redirect URI, state, nonce, PKCE, and account-binding validation
- cors cross origin misconfiguration when browser-readable APIs or token leakage may exist cross-origin
- saml sso assertion attacks when the target uses enterprise SSO outside OAuth/OIDC
1. JWT ANATOMY