Documentation
¶
Index ¶
- Constants
- func AlgNoneJwtScanHandler(url string, token string) (*report.ScanReport, error)
- func BlankSecretScanHandler(url string, token string) (*report.ScanReport, error)
- func DictSecretScanHandler(url string, token string) (*report.ScanReport, error)
- func NotVerifiedScanHandler(url string, token string) (*report.ScanReport, error)
- func NullSignatureScanHandler(url string, token string) (*report.ScanReport, error)
Constants ¶
View Source
const ( AlgNoneVulnerabilitySeverityLevel = 9 AlgNoneVulnerabilityName = "JWT Alg None" AlgNoneVulnerabilityDescription = "JWT accepts none algorithm and does verify jwt." )
View Source
const ( NotVerifiedVulnerabilitySeverityLevel = 9 NotVerifiedVulnerabilityName = "JWT Not Verified" NotVerifiedVulnerabilityDescription = "JWT is not verified." )
View Source
const ( NullSigVulnerabilitySeverityLevel = 9 NullSigVulnerabilityName = "JWT Null Signature" NullSigVulnerabilityDescription = "JWT with null signature is accepted allowing to bypass authentication." )
View Source
const ( WeakSecretVulnerabilitySeverityLevel = 9 WeakSecretVulnerabilityName = "Weak Secret Vulnerability" WeakSecretVulnerabilityDescription = "JWT is signed with a weak secret allowing attackers to issue valid JWT." )
Variables ¶
This section is empty.
Functions ¶
func AlgNoneJwtScanHandler ¶
func AlgNoneJwtScanHandler(url string, token string) (*report.ScanReport, error)
func BlankSecretScanHandler ¶
func BlankSecretScanHandler(url string, token string) (*report.ScanReport, error)
func DictSecretScanHandler ¶
func DictSecretScanHandler(url string, token string) (*report.ScanReport, error)
func NotVerifiedScanHandler ¶
func NotVerifiedScanHandler(url string, token string) (*report.ScanReport, error)
func NullSignatureScanHandler ¶
func NullSignatureScanHandler(url string, token string) (*report.ScanReport, error)
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.