Authentication Issues

An intro...

Auth Bypass

Find the deliberate authentication bypass.

Visit the challenge

Timing Attacks

Sometimes even the best login system can leak information through side-channels.

Visit the challenge

Client Side Auth

Never trust anything coming from the user, especially authentication.

Visit the challenge

Leaky JWT

See how easy it is to leak information in a JWT.

Visit the challenge

JWT Info Disclosure

Sometimes all it takes is a little information disclosure to break an authentication system.

Visit the challenge